Static task
static1
Behavioral task
behavioral1
Sample
be67c3e96365bc394ccb229a414d3ba726ab7498ae73cea5f89d437d7a5d3662.exe
Resource
win7-20240903-en
General
-
Target
b19adb8d6fbae22a43421e7a2b85b7c83bea0af0805c6e1d8ad7a62b2315c33f
-
Size
118KB
-
MD5
695674e33ee47c2a4b9f6848993762ed
-
SHA1
87338ae0e212424503cf8bd0fa625652de62ad1f
-
SHA256
b19adb8d6fbae22a43421e7a2b85b7c83bea0af0805c6e1d8ad7a62b2315c33f
-
SHA512
db221d93339d65990c1d0772c74622e6bff7b3319eeaee31db397c50a0ffa3391b487abfcb5ad02375a15ead3b2504f8f63911a18b5a792e3d6c50d4b47119aa
-
SSDEEP
3072:zRFKQFet3Or5UIvi0xU7my5CvPrKrkuzkqU1yn/D:zRFpoedVX2K+CvPmrlkj1yn7
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/be67c3e96365bc394ccb229a414d3ba726ab7498ae73cea5f89d437d7a5d3662.exe
Files
-
b19adb8d6fbae22a43421e7a2b85b7c83bea0af0805c6e1d8ad7a62b2315c33f.zip
Password: infected
-
be67c3e96365bc394ccb229a414d3ba726ab7498ae73cea5f89d437d7a5d3662.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 146KB - Virtual size: 145KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ