Static task
static1
Behavioral task
behavioral1
Sample
4de928eed092809696e1212bc93c23cd9229773c45552619cb50eb9ccf769185.exe
Resource
win7-20240508-en
General
Target
160fa92317d39d164912390c1c9f2a7c20f03811db02acf964ae88fdb7671a3b
Size
2.2MB
MD5
37cc046bf2f9e4c9b673c06440936193
SHA1
ffb1bb92955db220094e539a3e27bfb164941422
SHA256
160fa92317d39d164912390c1c9f2a7c20f03811db02acf964ae88fdb7671a3b
SHA512
86431ef253e20ea6a3089c7abbf011926c7cd14992ef9b18d7048d2766bda35e0c35621c4e898d5cfcf4953e34a35597a7244fcc65e7a99d49375dfae7983b26
SSDEEP
49152:ELewTA54Wkj7KccB/FPm1dpEalTIzVOy5CzAr+vHeCNtMVSObGJUog+WhHZG4E3j:QewTLb7KccBg1zhEOyMEcr3gklWZgj3j
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/4de928eed092809696e1212bc93c23cd9229773c45552619cb50eb9ccf769185.exe
Files
160fa92317d39d164912390c1c9f2a7c20f03811db02acf964ae88fdb7671a3b.zip
Password: infected
4de928eed092809696e1212bc93c23cd9229773c45552619cb50eb9ccf769185.exe.exe windows:6 windows x86 arch:x86
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 685KB - Virtual size: 1.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
iatkcpjv Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
wbdehfod Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE