Static task
static1
Behavioral task
behavioral1
Sample
d49838ebe358d49ea93e8a761ee9a0d3a5bf08d1846c58314148f93d4070db61.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
d49838ebe358d49ea93e8a761ee9a0d3a5bf08d1846c58314148f93d4070db61.exe
Resource
win10v2004-20240508-en
General
Target
3f8831d9261238251e36422d413ea006.bin
Size
634KB
MD5
3b2287602502eb869ce5f7067601f0cf
SHA1
e7bd2bff54014b99e8684c6572c86a26f874c0a6
SHA256
37f5c9fa0cee5064fffe91676e2c58086c36c9601285ebcf361763333fab6e35
SHA512
de532282a0547a488c5fe011724ed20abe940ea1b1bf3138741d66a51d0fbb55b3a5d07080f33aff0e53127fc699724ba7871fcbb8d5830f061632dffff97039
SSDEEP
12288:UDpwX6EtDms1A2V5pLPyXorkj8bhw84vGOeTwSTVWuFpiJlo4S:SwXvI25pmfACZetTRtFkJlq
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/d49838ebe358d49ea93e8a761ee9a0d3a5bf08d1846c58314148f93d4070db61.exe
Files
3f8831d9261238251e36422d413ea006.bin.zip
Password: infected
d49838ebe358d49ea93e8a761ee9a0d3a5bf08d1846c58314148f93d4070db61.exe.exe windows:4 windows x64 arch:x64
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 37KB - Virtual size: 37KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ