Static task
static1
Behavioral task
behavioral1
Sample
ea0c1b448dfd94060600f75faab6f2bb929269cf1a6498859cff129353e5d7da.exe
Resource
win10v2004-20240802-en
Behavioral task
behavioral2
Sample
ea0c1b448dfd94060600f75faab6f2bb929269cf1a6498859cff129353e5d7da.exe
Resource
win11-20240802-en
General
-
Target
ea0c1b448dfd94060600f75faab6f2bb929269cf1a6498859cff129353e5d7da
-
Size
3.2MB
-
MD5
ff4188dc02e8d3dabea5b613c00d34cb
-
SHA1
1bd4ef476c54795c28cb3acbaa44b2fbc4abc9ee
-
SHA256
ea0c1b448dfd94060600f75faab6f2bb929269cf1a6498859cff129353e5d7da
-
SHA512
14f0940053c2d0218e2ba325b585e20a5252ad57b29630a57607d4f70d390227148aa0bc366e4d57afc3cd7785d2e0ea9b7f9a96732a9699c346c9c3e39cc45a
-
SSDEEP
49152:Fy6VlEbmYQ2gLOkmL35nZfmcb0Z7NANyu1DyTj9yMQoPwdCqp6aIrM1SI2ChbMTt:d5Okc35nlQN8y/JyQPHqp6Ribb2
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource ea0c1b448dfd94060600f75faab6f2bb929269cf1a6498859cff129353e5d7da
Files
-
ea0c1b448dfd94060600f75faab6f2bb929269cf1a6498859cff129353e5d7da.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 3.2MB - Virtual size: 3.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ