Static task
static1
Behavioral task
behavioral1
Sample
557d6f6e629265584a9e120cfe54a771580bb6e0e76170123bb86522285426e8.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
557d6f6e629265584a9e120cfe54a771580bb6e0e76170123bb86522285426e8.exe
Resource
win10v2004-20240426-en
General
-
Target
f98d5c883d406c84bd6667887445ae09b4b9ba19f50c15e20a7e8dab1d7c17ec
-
Size
637KB
-
MD5
2786d2f1b00af131ec294944739ccb91
-
SHA1
72000e4448cae442ef50484db3eea0a31a9e27f5
-
SHA256
f98d5c883d406c84bd6667887445ae09b4b9ba19f50c15e20a7e8dab1d7c17ec
-
SHA512
ee63be01efa82d8ea4ba79d37d076186102bc2489b18e0162b79dfc32f5e80ba23ea454251ab9f7ee9207f7a5c8811d4f779bed8f5ccbec06adf9d798d4ea74b
-
SSDEEP
12288:OSDND1EGtlBfJUo9O58csrpd34XBS5wak9L83cb3SyfodShoKJcs6gz297c:HhB5lBfJs5xsrppCKHuQWzfUGVcs6Q2A
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/557d6f6e629265584a9e120cfe54a771580bb6e0e76170123bb86522285426e8.exe
Files
-
f98d5c883d406c84bd6667887445ae09b4b9ba19f50c15e20a7e8dab1d7c17ec.zip
Password: infected
-
557d6f6e629265584a9e120cfe54a771580bb6e0e76170123bb86522285426e8.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 127KB - Virtual size: 126KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ