Static task
static1
Behavioral task
behavioral1
Sample
b1dbe37d7e430630d1806b9cf40e71f3e1c0865892b9f5a74ff7dff422817596.exe
Resource
win7-20240705-en
General
-
Target
85bf96314581e45de5f79e617c38c6f321190bb994ca039a14ee36ed1307e884
-
Size
508KB
-
MD5
f5cf55364bb60268058d5f8f99b19cee
-
SHA1
d9e88e6fe1cd4c49d34d5e53147f1b0ae715a592
-
SHA256
85bf96314581e45de5f79e617c38c6f321190bb994ca039a14ee36ed1307e884
-
SHA512
7bcf9f927cc6a3db966993a159fb94fef407fde101972f636d315743a13029cc0959da5c2670d6535ea63afea6f6260435f29b811130d6ef68e07ed3c24cd0fe
-
SSDEEP
12288:aKWttCheTbyvhOYlvqqrmd6KfQiSBUoY9pjxiwkGk8TVdNq:iSeTG9zm6Zo9jiBGk8Bdw
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/b1dbe37d7e430630d1806b9cf40e71f3e1c0865892b9f5a74ff7dff422817596.exe
Files
-
85bf96314581e45de5f79e617c38c6f321190bb994ca039a14ee36ed1307e884.zip
Password: infected
-
b1dbe37d7e430630d1806b9cf40e71f3e1c0865892b9f5a74ff7dff422817596.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 522KB - Virtual size: 521KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 1024B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ