Static task
static1
Behavioral task
behavioral1
Sample
708e198608b5b463224c3fb77fcf708b845d0c7b5dbc6e9cab9e185c489be089.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
708e198608b5b463224c3fb77fcf708b845d0c7b5dbc6e9cab9e185c489be089.exe
Resource
win10v2004-20240802-en
General
-
Target
c22878751ef3d4953b07da376a870f236353f6befb4df630efcb56fa7dc1fa23
-
Size
473KB
-
MD5
276c5989835b56ececeb0690c6cabbb1
-
SHA1
78822c7a2750306728694166c860bcaef6b628a0
-
SHA256
c22878751ef3d4953b07da376a870f236353f6befb4df630efcb56fa7dc1fa23
-
SHA512
36987d89f6ff9a49a1c4606a94118309e195d3296553c8a1e235f654b49152f97a8cc28abb8607a550bdab52457bbb289f5646379d9400d1a78fc9a3c0b56afd
-
SSDEEP
12288:Mw03iYOygREltutqKelucHQ+TdikztjG+9/VuEL9zpDWVFsLV:kgygmlotqKWbwEg+XzL9uuLV
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/708e198608b5b463224c3fb77fcf708b845d0c7b5dbc6e9cab9e185c489be089.exe
Files
-
c22878751ef3d4953b07da376a870f236353f6befb4df630efcb56fa7dc1fa23.zip
Password: infected
-
708e198608b5b463224c3fb77fcf708b845d0c7b5dbc6e9cab9e185c489be089.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 925KB - Virtual size: 925KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ