Static task
static1
Behavioral task
behavioral1
Sample
aspnet80.exe
Resource
win7-20240611-en
General
-
Target
aspnet80.exe
-
Size
708KB
-
MD5
a7073a3267e29df0e36f16760942c4da
-
SHA1
9fb42b03685673a6936643673036a0832b90d039
-
SHA256
599ba59f51a3bb9db2dc7a572df715182d049fefa829e6ff6debdd38d20b7632
-
SHA512
b7323bc3de45540cec738cf94b87bd6cb942e889126ca9f680731f1899ef95ab90cbd0fa240b562cbb9c9c4d275f29173e85accbfc183a39045e0c70ff358419
-
SSDEEP
12288:lJFZqYMOaQ0q9nV/zsnK23KHVI6nodVdyMLiqyVcxwtVxgpMiuzOTIfwj7LD5fe:zFZqhOBnVyK23C6OoYMLiVcKtVx4Miu9
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource aspnet80.exe
Files
-
aspnet80.exe.exe windows:4 windows x86 arch:x86
Password: infected
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
test Size: - Virtual size: 988KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
data Size: 625KB - Virtual size: 628KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 80KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE