Static task
static1
Behavioral task
behavioral1
Sample
SWF0550.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
SWF0550.exe
Resource
win10v2004-20240508-en
General
-
Target
30052024_1406_28052024_SWF0550.rar
-
Size
616KB
-
MD5
093f761909fbc824a9dc311f22435d45
-
SHA1
21a28d2f46a17a4f012b0e68516f24c58fa69d97
-
SHA256
06901b02d137bffce6113bbbe63d341908bd7cbc128e71ade1123a328aaebf11
-
SHA512
b803ee974b5e6adc0c64aaf242050790ab9f618641384f1c9222437b412ff3e4dfa96a446f3b9dd5a012b31723267561943e4990e7f2f1840aeac915fee988e5
-
SSDEEP
12288:er7NdQkhBp5N8lvauuslPQCwLIKbuK9EkZbOKZhr+/B6EPGlF11FN:GBhBKvauuslPQlLIKbTVbQJPqv
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/SWF0550.exe
Files
-
30052024_1406_28052024_SWF0550.rar.rar
Password: infected
-
SWF0550.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 650KB - Virtual size: 649KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 14KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ