Static task
static1
General
-
Target
MRMATT32 (1).ZIP
-
Size
498KB
-
MD5
c730f506bff0627535877c1db803b6cc
-
SHA1
f515590a6b1e4d2d4bb558bd5f310e794463b89e
-
SHA256
e1ea0a395c950e76d2f419f6cb5ef0943288c0f019beb57f773c085b8cd1afaa
-
SHA512
591a4bc9cf5c324523cf21de8f4bc86433f073cb52f5a9e6c89fcfdffd132695ebdf4f8b3917fdd3d4268f7ad45980b62ebf59a4d5650cd008001d043fb0f7e9
-
SSDEEP
12288:/JdUEzWOUXElw5ExmcfcMz55yqr+/Qi/pIsiiq0mOvosK6PwAXvjrAhS1:BGEzEXEldxBfcWyqCBIsiWwh6jr4S1
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/MRMATT.EXE
Files
-
MRMATT32 (1).ZIP.zip
Password: 1
-
APLECITY.MAT
-
DJAMDJAK.MAT
-
EASY_ONE.MAT
-
FILE_ID.DIZ
-
KALKULM.FON
-
KALKULP.FON
-
MM_ALL.WAV
-
MM_ERROR.WAV
-
MM_INP.WAV
-
MM_KILL.WAV
-
MM_NULL.WAV
-
MM_PICK.WAV
-
MM_REST.WAV
-
MM_SNAP.WAV
-
MM_STON.WAV
-
MM_STUP.WAV
-
MM_TADA.WAV.mp3
-
MM_WIN.WAV
-
MRMATT.EXE.exe windows:1 windows x86 arch:x86
Password: 1
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
CODE Size: 215KB - Virtual size: 215KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
DATA Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BSS Size: - Virtual size: 2KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: - Virtual size: 8B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 512B - Virtual size: 24B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 322KB - Virtual size: 322KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
MRMATT.HLP
-
README.1ST
-
STONES.MAT
-
TRY_THIS.MAT
-
VENDINFO.DIZ
-
WHATSNEW.TXT