Static task
static1
Behavioral task
behavioral1
Sample
DB6BF30FD61D330A5466459124FD4F21.exe
Resource
win7-20240508-en
General
-
Target
DB6BF30FD61D330A5466459124FD4F21.exe
-
Size
897KB
-
MD5
db6bf30fd61d330a5466459124fd4f21
-
SHA1
5beef951cc1052daeca87d5ef69999b3d0cc1381
-
SHA256
20e3320ed125693938485c94c8ebf1a981ed2d717bba86f137a4b327757946fe
-
SHA512
f794a8ed161e23951299890660fd98f42cd0159aca9d6f653263170b0c63ab8b6a4ba2101f13862541440b01517da2c6348a26f1a1cec470878abe4b796474dd
-
SSDEEP
24576:KMPzX5QdJTGSQfTWJcWF2dZ7T8IY3Sd+L0S6D9:KMLqXTGSjcQmZ7QIcSEmD
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource DB6BF30FD61D330A5466459124FD4F21.exe
Files
-
DB6BF30FD61D330A5466459124FD4F21.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 628KB - Virtual size: 628KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 268KB - Virtual size: 268KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ