Static task: static1
Behavioral task: behavioral1
Sample: HDXC~9337636PO-EXT-P88.exe
Resource: win7-20240704-en
General
Target: 10072024_1538_09072024_HDXC~9337636PO-EXT-P88.TAR.Z
Size: 594KB
MD5: 667b2de9914f8a952a6a69d08a979d03
SHA1: 9c4512926a60f568cd6b3aaa9a159fae5246130d
SHA256: 4e813f14b451daf345397cfc7c5dd0cded2a6a97c0ed3aae89bd2642f4d17c31
SHA512: 84bc1094e9325ae5a31cc5e83848909467555ea7910976364e1c6d589580fd7ce365177dc467715fef1dad8ad1f6936ba46cee07aaab72ddddcf2611f5ddae48
SSDEEP: 12288:wTEHwRlXslh9R6F3BxM8DRctTtG4WSKi0Cv8l3yd:wTBRlXsj9RsnDRHSKCv8l34
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/HDXC~9337636PO-EXT-P88.exe
Files
10072024_1538_09072024_HDXC~9337636PO-EXT-P88.TAR.Z.rar
Password: infected
HDXC~9337636PO-EXT-P88.exe.exe windows:4 windows x64 arch:x64
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 42KB - Virtual size: 42KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 161KB - Virtual size: 160KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ