Behavioral task
behavioral1
Sample
ec1a5fbd6a5ca09382dd4b71f473657eba1a4a6e0982bcd01697821ca24d84f9.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
ec1a5fbd6a5ca09382dd4b71f473657eba1a4a6e0982bcd01697821ca24d84f9.exe
Resource
win10v2004-20240802-en
General
-
Target
dfd9612cb55b1cfc4a33d9fdaf8ed070.zip
-
Size
14KB
-
MD5
96de42ca9bf03f72958ccb4da548235d
-
SHA1
62f7b2ef67df965ffb977fd1fd73d818080e19b3
-
SHA256
91d3cb5487c09e512cdc388300aa5b891a13505ab14f3b863cfd1e8e94d02ac9
-
SHA512
02d040f1c799bfb7a577c4c2fafe5fccc4e267902a8cd05cd469d6683d7e74451266e5c87f1322ebc7f7b9a519d4d7e94b1409890b4ac8fa29273dc92abfc7dd
-
SSDEEP
384:HltDLxz/66JNsvRP36ySlOijNrNA38XIe:FtHxz/BDsRUOijc38H
Malware Config
Signatures
-
Limerat family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/ec1a5fbd6a5ca09382dd4b71f473657eba1a4a6e0982bcd01697821ca24d84f9
Files
-
dfd9612cb55b1cfc4a33d9fdaf8ed070.zip.zip
Password: infected
-
ec1a5fbd6a5ca09382dd4b71f473657eba1a4a6e0982bcd01697821ca24d84f9.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ