Static task
static1
Behavioral task
behavioral1
Sample
Custom Clearance 5816641785332.exe
Resource
win7-20240704-en
General
-
Target
Custom Clearance 5816641785332.cab
-
Size
562KB
-
MD5
c1e75f6607e31205b895d48b6357ba0c
-
SHA1
138e36faa63c2396ac1bdc15dbcb44f3677b4b81
-
SHA256
a54287191c76db416816b7a3af4bca08706b3d0b46b78ee0002f04c3b71c5414
-
SHA512
35cf015c880f4ac22dc6764115edc672b937add97b05a63f5fef8c31537a1661c9684f0fc34658a91d7e2ea777600f45c0b09cc94c86830baf1052f9c8b852e5
-
SSDEEP
12288:kZiZVtNbOHpEkZVitfPfvgrA4ZC7/gcI1rDuZ+YEAA+9lpMpg:kZiZIfVQPfoC/gcIxDuDEqPMe
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/Custom Clearance 5816641785332.exe
Files
-
Custom Clearance 5816641785332.cab.cab
-
Custom Clearance 5816641785332.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mscoree
_CorExeMain
Sections
.text Size: 783KB - Virtual size: 782KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1024B - Virtual size: 980B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ