plg_init
Static task
static1
Behavioral task
behavioral1
Sample
f8d6197fc5597b8788ea645fd1dc9307cfd6ace8bf578620d642866a69e05d01.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
f8d6197fc5597b8788ea645fd1dc9307cfd6ace8bf578620d642866a69e05d01.dll
Resource
win10v2004-20240611-en
General
-
Target
0400e4db10ad239aa1c66561327373d1.bin
-
Size
71KB
-
MD5
0bf0d5abf3ca11f7d3cedd3b0f374fd0
-
SHA1
b72cfd160629e4bbf6b912052fec273fffda1c6d
-
SHA256
f525746f6e832090acfa173f61e9059fae0ab3ab763d7858b7a61b2812f7980f
-
SHA512
6471bbfc7757c789312e1c10f47f6299690b316cf0a980fd9ad0515999b8e12d937953d7309e6b091a0cf70a1abfccfed15be5f7e6301b88b81d9ddf95f71d95
-
SSDEEP
1536:p8h2/mrWVWGZkzf7Tw1u1a3Lb0+1XyYsrcb+C6it50Ga6LZvefJC:C2qWSH8uk3H0+ByYs+L6ibBsC
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/f8d6197fc5597b8788ea645fd1dc9307cfd6ace8bf578620d642866a69e05d01.dll
Files
-
0400e4db10ad239aa1c66561327373d1.bin.zip
Password: infected
-
f8d6197fc5597b8788ea645fd1dc9307cfd6ace8bf578620d642866a69e05d01.dll.dll windows:5 windows x86 arch:x86
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Exports
Exports
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 67.5MB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ