Static task: static1
Behavioral task: behavioral1
Sample: c381309bd93b871a4ffecad472cb82fa30387ea32f31ca0fa23ee261aa4ad204.exe
Resource: win7-20240221-en
General
Target: 5d86465e46f3f4908c9a46d5d01d4e71.bin
Size: 464KB
MD5: c17f62cb93ed77cd36521a9d6a602574
SHA1: a8aef245f4cde1ad7071657021a37d165317bb60
SHA256: 42d833abf34a03935caccf12b8f6c06ff9c1c85d7774cbffbe928325eb35e524
SHA512: c0678c6519ee31122eb4010e0d522d1e4f7d8416593d30c9c0e3637e881ea314b677a55e135f96ddcae4b939d87f8ae010d3d54c2318dbe59195b5f700ebd30c
SSDEEP: 12288:YvzbhgaQGBwZMg/+n0UP74pgYsQAg1HH4g3yrab/jeMs0bVI4/pxB:YpfsaxagY51PkcxbCupxB
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/c381309bd93b871a4ffecad472cb82fa30387ea32f31ca0fa23ee261aa4ad204.exe
Files
5d86465e46f3f4908c9a46d5d01d4e71.bin.zip
Password: infected
c381309bd93b871a4ffecad472cb82fa30387ea32f31ca0fa23ee261aa4ad204.exe.exe windows:4 windows x64 arch:x64
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 69KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ