Static task
static1
Behavioral task
behavioral1
Sample
072be0734cd0581ff396918e854786fa2db17b086a06595e5b6418e80dc331de.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
072be0734cd0581ff396918e854786fa2db17b086a06595e5b6418e80dc331de.exe
Resource
win10v2004-20240704-en
General
-
Target
af2d70d630ccb7155cf8d52610a1cc666f4ed540f85ecc5d8d0abf170ec4632f
-
Size
207KB
-
MD5
e9fc38dcc6ade899eda29261dda50611
-
SHA1
d57ccbfc317e6572dff51d871cc808c8a3eaf39a
-
SHA256
af2d70d630ccb7155cf8d52610a1cc666f4ed540f85ecc5d8d0abf170ec4632f
-
SHA512
82aef885c181afd969534c1749d30ead952ede3e331445ab6eca1fc8258ac1f0672f8a7e8c6d8ea0adef855e55849373efca3d144b4939abf6e2fd3120f29c85
-
SSDEEP
3072:NsRqYJMZFisPJd/022uV31z7zztLYv3ikWNI02fACKpwX6dUcRBqp7wakbowSmtW:SkYCQsJi22wzp5k4AfAzNJRyMN1tGzr
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/072be0734cd0581ff396918e854786fa2db17b086a06595e5b6418e80dc331de.exe
Files
-
af2d70d630ccb7155cf8d52610a1cc666f4ed540f85ecc5d8d0abf170ec4632f.zip
Password: infected
-
072be0734cd0581ff396918e854786fa2db17b086a06595e5b6418e80dc331de.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
EP%mT< Size: 149KB - Virtual size: 148KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 144KB - Virtual size: 144KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ