Static task
static1
Behavioral task
behavioral1
Sample
f2833cf13e711670cc966a9ba8eff6a8db3fa1e0e6883e7082f02470af641018.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
f2833cf13e711670cc966a9ba8eff6a8db3fa1e0e6883e7082f02470af641018.exe
Resource
win10v2004-20240802-en
General
-
Target
4fa888c46c0731efd367d4a0bbbd7629.bin
-
Size
632KB
-
MD5
2a05304752f8592bacc7292721c51976
-
SHA1
668fe015457911950353eac1ce5b20a84a098109
-
SHA256
13d4c1f46546263a0e1178847b63dd1cf2c1ea8995239f3d13646bb9e1bc8ad5
-
SHA512
fbed358fcc1f84d9fb77b568d32105976de3718b65f0329d1f823df8c8fb5d88f52988c8508e26059a0a3fde5f53a819418fca4030056eb0190cca812d273d95
-
SSDEEP
12288:CqpyeRF8iKGmomP/GeDrjjwDgYTZzPU2ODKPPbjKANXb7ReO6TL6AhUdssmX7:D8iKGmo8/pjQ1wPDK/KErMOkLx6ssmX7
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/f2833cf13e711670cc966a9ba8eff6a8db3fa1e0e6883e7082f02470af641018.exe
Files
-
4fa888c46c0731efd367d4a0bbbd7629.bin.zip
Password: infected
-
f2833cf13e711670cc966a9ba8eff6a8db3fa1e0e6883e7082f02470af641018.exe.exe windows:4 windows x64 arch:x64
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 32KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ