Behavioral task
behavioral1
Sample
34e2a6e460e8c621b808310b38123fee90c86ea6bd2901186eb28bb6d46779c2.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
34e2a6e460e8c621b808310b38123fee90c86ea6bd2901186eb28bb6d46779c2.exe
Resource
win10v2004-20240802-en
General
-
Target
f403a154e73002c6bf2c59f45a3d4a46.zip
-
Size
1.2MB
-
MD5
4491e9fcfe6905647f6175b141a5e28d
-
SHA1
1f9a1eddc52ea38aca880b7c390af0144e871cbd
-
SHA256
1238847063bae1f93e80140e410ef0e08c5e909190507cd826ffecc1f74f684b
-
SHA512
0afb86bc9bacde34c7e10dae3a402744166447f7594fa6bddaeac8d9507fe2666b0dc0379bcdc379999374f2c5a1a045e6f3ca7493185683f9afc081d1fc00a5
-
SSDEEP
24576:ySXZi5v04YlKbTwi3B17h1IjLfbBqm8I+Rd09Oeh3ShbwAiEF5j:Sv0FlFSHh1ABR87RdC3SZ5x
Malware Config
Signatures
-
resource yara_rule static1/unpack001/34e2a6e460e8c621b808310b38123fee90c86ea6bd2901186eb28bb6d46779c2 aspack_v212_v242 -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/34e2a6e460e8c621b808310b38123fee90c86ea6bd2901186eb28bb6d46779c2
Files
-
f403a154e73002c6bf2c59f45a3d4a46.zip.zip
Password: infected
-
34e2a6e460e8c621b808310b38123fee90c86ea6bd2901186eb28bb6d46779c2.exe windows:4 windows x86 arch:x86
Password: infected
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 7KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.aspack Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE