2024-05-08_3972f37ad9c9355b7ffd1b27f8a1cef8_hiddentear | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2024-05-08_3972f37ad9c9355b7ffd1b27f8a1cef8_hiddentear
Size

316KB
MD5

3972f37ad9c9355b7ffd1b27f8a1cef8
SHA1

a6a25a14418e20061a958ffdcb1218203d452b5d
SHA256

92973547d88dfd328727975230b12dacfd0d4d9d75419cf56bf97fec6cb8c3d4
SHA512

be4d916818150080f4ff9c6760aa76f5909131ed5cecf9037f84c7b3aca8cfb33492a4b90a01b3a022cf3f2147297f88342ff90bc7773ddb730f2d0c46319864
SSDEEP

6144:cj00Bpw8jweTkJniswIhh5kegEAPVd3WOj1+x2W5DZNuisi6N3be+lDAA:cj00BSjeIxgEAzWOp+x2W5DKiN6N3b9v

Score

10^/10

Malware Config

Signatures

Detects executables packed with ConfuserEx Mod 1 IoCs

resource	yara_rule
sample	INDICATOR_EXE_Packed_ConfuserEx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2024-05-08_3972f37ad9c9355b7ffd1b27f8a1cef8_hiddentear

Files

2024-05-08_3972f37ad9c9355b7ffd1b27f8a1cef8_hiddentear
.exe windows:4 windows x86 arch:x86

f34d5f2d4577ed6d9ceec516c1f5a744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

mscoree

_CorExeMain

Sections

ziey(H
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ