Static task
static1
Behavioral task
behavioral1
Sample
FACTURAS.scr
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
FACTURAS.scr
Resource
win10v2004-20240419-en
General
-
Target
29042024_2033_29042024_FACTURAS.gz
-
Size
540KB
-
MD5
13070e9f01202d39650387bb7907dac4
-
SHA1
842021b33a86183b4f633bf45b6f8ae35c307a5c
-
SHA256
e094ddee9220fb1048fe7c0c92903f1ff69cfc867e82e11801c4c883fe5abff1
-
SHA512
362e66a8ddc8dd4241102acce183e4fb4290ef9b98e4ccece251b105e274d239286a7106b97fcd72a3586c941b7ee9dc4b4816384d78354e313a95652701f2bd
-
SSDEEP
12288:n5Y4cCOEWFr2zPSKshrO6/agYBBImlmHUhv+6:5YQg4SKspO6/azSmlmHUV+6
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/FACTURAS.scr
Files
-
29042024_2033_29042024_FACTURAS.gz.rar
Password: infected
-
FACTURAS.scr.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 950KB - Virtual size: 950KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ