General
-
Target
susano.re.exe
-
Size
17.0MB
-
MD5
398103f9afff93e3ebe58fc6898745df
-
SHA1
e6e99a63286da6e0cb9ff334b26dbbd05662ca20
-
SHA256
a40e23c463408413e99b9118b1757f1124664bee2f8e43b2ae9d7bd99676a0e2
-
SHA512
c524ecb2c9b9a992e546818c2e09aa6e176944cf640aef052173e1219e4a8233abdea139392d2fac1e1761912114543f1e4370b74eba116455cce78701931e09
-
SSDEEP
393216:zfrEkZgf8/YgpgPYVnNSMF1+TtIiFluvB5IjWqn6eCz1f3mcXmRlEWvb8kg:zfrRb/YgpgPQH1QtIeS3ILn6eEF2jED
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource susano.re.exe
Files
-
susano.re.exe.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
UPX0 Size: - Virtual size: 220KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 126KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 46KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
stel.pyc