Static task
static1
Behavioral task
behavioral1
Sample
8367ac8403f30e782e231927d7581b450a117eda0dfadcb9da2e2ce912bd397c.exe
Resource
win7-20240903-en
General
Target
0925ca356d951d1895b206a920d31c4e.bin
Size
1.6MB
MD5
1cdf396796a3d0d7e9662243e2042fef
SHA1
3bd5a485715359214e5c181c7597cf930f809bcc
SHA256
901fa649109c56c3217eeeab577bf64143f0be05e72e9117059fedf210e9779c
SHA512
1118db237c9fdea651053471e7cfb9c996387898f4ccf57f0e65833c4e89aa26252200228a27bb7c8293ebb7195c5bb1c678971a206b4012c2b66d6a776f4618
SSDEEP
24576:1Nm73p9zxKGEWUlQGqOGVbcSRuIMpjF4Tnevv6zVpQMIi5Py7yrTMcT/nGX:nmTp+GEJyOQUI4Wevv/MIi5a7ypGX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/8367ac8403f30e782e231927d7581b450a117eda0dfadcb9da2e2ce912bd397c.exe
Files
0925ca356d951d1895b206a920d31c4e.bin.zip
Password: infected
8367ac8403f30e782e231927d7581b450a117eda0dfadcb9da2e2ce912bd397c.exe.exe windows:5 windows x86 arch:x86
Password: infected
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 79KB - Virtual size: 2.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
depemzwd Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
udfahrgk Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE