Static task
static1
General
-
Target
603021_fArjnW0wt.exe
-
Size
21.8MB
-
MD5
e531eddbc52a8a7a5fc3888365fbcbc5
-
SHA1
84df7a713f3666ffb3772a89b70db99f52d0f833
-
SHA256
224dab09a5a72e33775f21f4ec0ffa9be3ccf32ffe78005a3cc05c2b52e1092e
-
SHA512
d50a1c9c00455c8849331b0c1bc10d3fa1cf1e8f30b4c41988f21fddc517b6d297a301bc2f877401be4005d72abf78e99362b1925fa21e5ad95313ef756e8b9e
-
SSDEEP
393216:1sDaAR/7UGczI7ppyG2z+cUONnBBTNFwIcakwOmZ2w+HqxESOsYBrUfzIrh84AvU:cO07ibaFONnBBTNFwIcakwOmZ2w+Hqxo
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 603021_fArjnW0wt.exe
Files
-
603021_fArjnW0wt.exe.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 21KB - Virtual size: 21KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.idata Size: 19KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
INIT Size: 15KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.z6leyp Size: 14.1MB - Virtual size: 14.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.we61dp Size: 512B - Virtual size: 368B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ff4m5 Size: 6.5MB - Virtual size: 6.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 445B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ