Static task
static1
Behavioral task
behavioral1
Sample
63463a610fea5ef1e61f1e1c971eb4f37b7eb96e12371965e7b547c31ecc3574.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
63463a610fea5ef1e61f1e1c971eb4f37b7eb96e12371965e7b547c31ecc3574.exe
Resource
win10v2004-20240802-en
General
-
Target
f154021e7f4d232f969a67d3c07f548a.zip
-
Size
4KB
-
MD5
4d8895bee2211febb95da4e449ffb2b2
-
SHA1
a045c3f8fd0646c02b255c55d1da6bb0da8a9ec4
-
SHA256
dd6ed528b150abd375107eb3f6d9e98c4fa7fe61aa91c23e910e8b606b66cd52
-
SHA512
c25aaefc99ee8e046c070468a6cc4a9b5c938b0d639872cde7548ca6fc0864cdfd97ec68693c9dc3f37710cffb032918b5002055778c79e380bcd311b3ed05ee
-
SSDEEP
96:sYxS6MI8PPLyeIebG2QhlXZGKgzMxKhSsdX/y5phcnXTIbRJ1bv521NlE8kcJ:TwPPLVIe1UtZO5Es1mPcDObh2hEDe
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/63463a610fea5ef1e61f1e1c971eb4f37b7eb96e12371965e7b547c31ecc3574
Files
-
f154021e7f4d232f969a67d3c07f548a.zip.zip
Password: infected
-
63463a610fea5ef1e61f1e1c971eb4f37b7eb96e12371965e7b547c31ecc3574.exe windows:4 windows x86 arch:x86
Password: infected
cc40fefa3af5cd00cc28dbd874038a4d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
CloseHandle
CreateFileW
DeleteFileW
ExitProcess
GetComputerNameW
GetCurrentDirectoryW
GetFileSize
GetModuleFileNameW
GetTempPathW
GetVersionExW
ReadFile
WriteFile
lstrlenW
lstrcmpW
SleepEx
VirtualAlloc
wininet
HttpOpenRequestW
HttpSendRequestW
InternetOpenW
InternetConnectW
InternetCloseHandle
InternetReadFile
shell32
ShellExecuteW
ntdll
RtlDecompressBuffer
swprintf
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ