Static task
static1
Behavioral task
behavioral1
Sample
3210-9-A-2962-12-L/3210-9-A-2962-12-L.exe
Resource
win7-20240221-en
General
Target
04062024_0135_03062024_3210-9-A-2962-12-L.7Z
Size
629KB
MD5
b1747f9e5cd614436be49c44f8ddb586
SHA1
91a7de30b3138c047ebc9f4fa6bfe37d207e9feb
SHA256
8e0dd8c117344c4c3024dfb8afb2295581ce90ae026dc64691a62a8f6127316c
SHA512
6a366c1a5d5a6f582f90b72d7eee15ecc41fd4db3d563c3e06c128126b6571a2dce483a8f8dc8629a7f1cb6b17ca6a4a4c68a394abeb69a4b676df6262b9972b
SSDEEP
12288:30ei6hmQsfdJt0zb6MOo+KZiFo/F8KA/oBUz:3s6zs6H6MOtgzF8z/n
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/3210-9-A-2962-12-L/3210-9-A-2962-12-L.exe
Files
04062024_0135_03062024_3210-9-A-2962-12-L.7Z.rar
Password: infected
3210-9-A-2962-12-L/3210-9-A-2962-12-L.exe.exe windows:4 windows x64 arch:x64
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 39KB - Virtual size: 38KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ