Static task
static1
Behavioral task
behavioral1
Sample
8blUvlNOCtqCpio.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
8blUvlNOCtqCpio.exe
Resource
win10v2004-20240709-en
General
-
Target
8blUvlNOCtqCpio.exe
-
Size
704KB
-
MD5
e9d3f109202a29867b26cb0de5276b2c
-
SHA1
d4cc52178233c9027837db358f9776597f1c5e73
-
SHA256
4ca711bc6a1cfc2ec7158cf610bb54391dc9690cb36855479d0a9a76bc9b9623
-
SHA512
98eef78b34461f42f462ce3b7863254f6ae671d01729a03a89c6fcf54ca37cfa960703b3dd93e68c5251994e7d88e8623846da51b9df37f2cb3144f10c1b20dd
-
SSDEEP
12288:6iN882B6YuavmLoBLOdRY0WgbyaMkG0sapO3WqQ8SPyRQBaHowU4XmSlC4PxPMJ4:6u2BRdvmL4WSRCyaMusaVAqyWAHovQmZ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8blUvlNOCtqCpio.exe
Files
-
8blUvlNOCtqCpio.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 695KB - Virtual size: 695KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 7KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ