Static task
static1
Behavioral task
behavioral1
Sample
730e7cf897c39641a53c1e8d4ae6cec4c57a79fcab3f4fb6c031ec5a7586cf99.exe
Resource
win7-20240221-en
General
-
Target
aaf602a30ead7c1051e896420f6f14463e858607347cc3ca3f07e6ada7e962fd
-
Size
194KB
-
MD5
39ac8830d48274cbd87380da47945f1f
-
SHA1
8bd67f2d5bfff40f8f7502f18123ebd8f8f168d5
-
SHA256
aaf602a30ead7c1051e896420f6f14463e858607347cc3ca3f07e6ada7e962fd
-
SHA512
1345a00691b84ad23fcced82e5f591a0a912a3f48a3fdc9f9d613c7398b749d053108134e404c0fde72ea3f88259003a2e3a5e372b48a2b05bceb60528a2c8f6
-
SSDEEP
6144:ZuAzGZ+yQ0+LaB1N1PjpE+DbPl9dgfjLfbxQyo:0qg+lLIa+fPlofPfvo
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/730e7cf897c39641a53c1e8d4ae6cec4c57a79fcab3f4fb6c031ec5a7586cf99.exe
Files
-
aaf602a30ead7c1051e896420f6f14463e858607347cc3ca3f07e6ada7e962fd.zip
Password: infected
-
730e7cf897c39641a53c1e8d4ae6cec4c57a79fcab3f4fb6c031ec5a7586cf99.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 229KB - Virtual size: 229KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ