Static task
static1
Behavioral task
behavioral1
Sample
6d6626b2ac0ac6aee163c5e7ed6930147bb79bfd073e5103b0fe41e498794529.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
6d6626b2ac0ac6aee163c5e7ed6930147bb79bfd073e5103b0fe41e498794529.exe
Resource
win10v2004-20240611-en
General
Target: 444d5540f04027ce95b42b109429ca80.bin
Size: 1.2MB
MD5: c5c5bfef3fc3d7d17b99cecc66e915fe
SHA1: 48017a6fdcb2ed11dd7e210c74997f69e468dc0d
SHA256: 1e9841723554e452537409c02276ae04e4a6172cf91fc501fab6c4f23384460c
SHA512: ac85f567031bab0c3c98be98282e78c36251ab146a95dc7cb3ea91826c0ad567fa57216e978ef0d462d34317ac62baf0b3684d0454b82a35d80a5f9d1d0d4ebf
SSDEEP: 24576:Gogr395Ur0qgdfqRf5T984NRzw8NA6V8J0UFlezaH1aN5+IbFKz:GogIr8pqRzBdA6WJhezaKEU4z
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/6d6626b2ac0ac6aee163c5e7ed6930147bb79bfd073e5103b0fe41e498794529.exe
Files
444d5540f04027ce95b42b109429ca80.bin.zip
Password: infected
6d6626b2ac0ac6aee163c5e7ed6930147bb79bfd073e5103b0fe41e498794529.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 800B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ