iHaC.pdb
Static task
static1
Behavioral task
behavioral1
Sample
AWB 5596370080 Documents.exe
Resource
win7-20240705-en
General
-
Target
AWB 5596370080 Documents.gz
-
Size
887KB
-
MD5
8e1ff426694b680b166d92c1d92863f9
-
SHA1
033cf1d2087b978ee425eb20a470ada41f74dd65
-
SHA256
1b4991d36f09f8cb146534524957f89da72621057cce18a95335b001566b08b2
-
SHA512
a3874478d8009e7b782a30d71c1138415bdb3a0491e33975c8de3e74a0d1d12dc9e4fdd5768c27f0573c772e877e4be2ebb229179b8698f9ef5a8a51756a0fa1
-
SSDEEP
24576:YR9UtmVyyP+ojt5FGxPEEvlqayxOCvHnJ2s+v:YRWmEyP+MGjvlNWn1s
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/AWB 5596370080 Documents.exe
Files
-
AWB 5596370080 Documents.gz.rar
-
AWB 5596370080 Documents.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 932KB - Virtual size: 931KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ