Static task: static1
Behavioral task: behavioral1
Sample: c5ad319799d36151e0d328dc73736af67d2ea201bb57c39573cffabf9e2792d0.exe
Resource: win7-20240705-en
General
Target: 03c597ac6fae7130833e04e289c1a707.bin
Size: 448KB
MD5: c418a669417314413e11af7a27f27f21
SHA1: 0cb70ff172a5ca531e4db7356a67469bea861055
SHA256: ea685e4847023412aa4b45b1b849483d0f3635cac9b448d05e8970df7d7aaa33
SHA512: 820887cdd98b41c942865166c3c9885d4304fb02c276da9cef2cded8bb68f3d42fbe9018ecd650d785b9e5cc608ead90b5af6e6ab4bb2781128e8b5173e2dbd6
SSDEEP: 12288:9GpS8GnDk8wwyQGRWvZw8KzflL1yxmJr1Q+n2fb:9GqZwwydWvZw8eft1+mHQ+ngb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/c5ad319799d36151e0d328dc73736af67d2ea201bb57c39573cffabf9e2792d0.exe
Files
03c597ac6fae7130833e04e289c1a707.bin.zip
Password: infected
c5ad319799d36151e0d328dc73736af67d2ea201bb57c39573cffabf9e2792d0.exe.exe windows:4 windows x64 arch:x64
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ