Static task
static1
General
Target: Kapaloties.exe
Size: 9.4MB
MD5: 0b50ce810c4e983899d2c350f1fbaf4c
SHA1: cf37ea29c980ba38b0f6d355aa4fa0c20da12e23
SHA256: aa0d1456360b77a73b34ce3e3a2657e59a5d348edd760fe3d2859c4916a933a5
SHA512: c97b3de9806b6e0112bb34f4373f1a54ee612f2a3a751045b6f91b075f049459064af807158eccf9f832c2fb32ab5021ff3ed448d140abad735d29e40e26f59a
SSDEEP: 196608:Zn53lkIVV2RZ5WuDaKjBHYAkSI1xxjv1pTPeJT:J53lk95WOJBxkSMDvLTu
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Kapaloties.exe
Files
Kapaloties.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.Rose Size: 9.4MB - Virtual size: 9.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 72KB - Virtual size: 71KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ