Resubmissions
14-05-2024 10:41
240514-mrgf5scg23 10
Static task
static1
Behavioral task
behavioral1
Sample
369be61aca46750085c842147909f80c8f938555071adeaceac6727bfcf74186.exe
Resource
win7-20240221-en
General
Target: 369be61aca46750085c842147909f80c8f938555071adeaceac6727bfcf74186.zip
Size: 2.2MB
MD5: 027866e4d4d7411f588991ecb31e98b4
SHA1: 24d25e65d124ca369baae0246109ccaca0eab5ba
SHA256: 59e4212b84a36744e19bf788f29ad35fec361b80bc92468f9b658346cf1532a6
SHA512: bac543df234f0e20dfb3f71594c55365333222c3594fe12cd0c0178b5ac9c4cdd96170c0bb569108f53b8316f2af1bf96b939f285423b41023b7f492a37297ee
SSDEEP: 49152:tXcTEXpwNexYMzZf47a80FH2g4hQOlDI292re9nseWQI:tXcGlxrZf4u8Jnh2CnsUI
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/369be61aca46750085c842147909f80c8f938555071adeaceac6727bfcf74186.exe
Files
369be61aca46750085c842147909f80c8f938555071adeaceac6727bfcf74186.zip.zip
Password: infected
369be61aca46750085c842147909f80c8f938555071adeaceac6727bfcf74186.exe.exe windows:4 windows x86 arch:x86
a9c887a4f18a3fede2cc29ceea138ed3
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
msvcrt
malloc
memset
strcmp
strcpy
getenv
sprintf
fopen
fwrite
fclose
__argc
__argv
_environ
_XcptFilter
__set_app_type
_controlfp
__getmainargs
exit
shell32
ShellExecuteA
kernel32
SetUnhandledExceptionFilter
Sections
.text Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: - Virtual size: 4B
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ