Static task
static1
Behavioral task
behavioral1
Sample
612f8f59794cb8257af89ab138bb768a0578848f3b4359280070097aa62f8e00.exe
Resource
win7-20240221-en
General
Target
d3b40b51e542efb11ef776ccab1f76e6.bin
Size
165KB
MD5
ab5a4245d2938d21350ff9a19b9d39a2
SHA1
05c6c6ac24b5f25200f6070f8988cb667f24ec12
SHA256
47351bebbc43b3ad1124176f9b2b8c00010529fccad6ab03f5b7202e66044a39
SHA512
da6045c1a3fce4d451be69183886fe2160728ed9ad980eb4dc794ae35941f1d537973f251a3dc0c3a3684be5045fe8af4f3842ca1fe1e21edb0481a46e3b798b
SSDEEP
3072:rMWQJKG3OqZ5UiAAOEljqEGnVpNv6rhR8sRSUFBMYN3lfLV5Az:rMj+i5UiiEljlGVpsrhKsRSm/N2
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/612f8f59794cb8257af89ab138bb768a0578848f3b4359280070097aa62f8e00.exe
Files
d3b40b51e542efb11ef776ccab1f76e6.bin.zip
Password: infected
612f8f59794cb8257af89ab138bb768a0578848f3b4359280070097aa62f8e00.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 343KB - Virtual size: 343KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ