Static task
static1
Behavioral task
behavioral1
Sample
609bc8857b533519f685c40d62946fd27c4a4a0a87f8b05a8a5351fcfb7f5213.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
609bc8857b533519f685c40d62946fd27c4a4a0a87f8b05a8a5351fcfb7f5213.exe
Resource
win10v2004-20240802-en
General
-
Target
a011e4e8e7502fdfcd1c52a98392ff46.bin
-
Size
158KB
-
MD5
d4166fecf526021807804d4359ec019e
-
SHA1
51e390422d20ea67da1a5921c443418a9055a053
-
SHA256
859645a7a8616636dfa214f9f2fe1a0881445ab68d76a95e36b71e22a18e67d1
-
SHA512
e17ffc8c6aed905ff8fc20256b6bcdceb07d3c83f7e6071f7b739843fc4448b2d1c679b689d27b46787c93615e92b2c7c1a780db826e31b21d735579d873fb83
-
SSDEEP
3072:Mtlq3KNo/t4bNUjRql+xSOO8tfTU6qEBLOUYki/FrUMf2c:OqEhNj2e4fTUP2Yki9Rf2c
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/609bc8857b533519f685c40d62946fd27c4a4a0a87f8b05a8a5351fcfb7f5213.exe
Files
-
a011e4e8e7502fdfcd1c52a98392ff46.bin.zip
Password: infected
-
609bc8857b533519f685c40d62946fd27c4a4a0a87f8b05a8a5351fcfb7f5213.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 113KB - Virtual size: 112KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 238KB - Virtual size: 238KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ