Static task
static1
Behavioral task
behavioral1
Sample
80ca096a0d229900a697be7595d65730a8e7fa1de3bdc015578e87ec996ebd4b.exe
Resource
win7-20240903-en
General
Target: bd0616b24be706a75143c5c4cfd650e739d495e8d716246d32623cc5106adf03
Size: 3.7MB
MD5: e5e28fb82e82a9b2e1180a0d579100a0
SHA1: 8efd4e23d64b3c585ca900f590e8756bfe1dda5b
SHA256: bd0616b24be706a75143c5c4cfd650e739d495e8d716246d32623cc5106adf03
SHA512: e4f7e62947d2e66eb733230c858a0169d0dcd1ad27822c6006c8a23ec7ad24fa86a08a278ed26a566d89eded5dbaa5c282a9bb8440bf924e2348ebd1124ff3bf
SSDEEP: 98304:z7CtDbr79mfLFa/Cawl9V6CMfb/AONv5zxY7IqK5uPc:z7+DT9cRa/aiCW/AshS7gL
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/80ca096a0d229900a697be7595d65730a8e7fa1de3bdc015578e87ec996ebd4b.exe
Files
bd0616b24be706a75143c5c4cfd650e739d495e8d716246d32623cc5106adf03.zip
Password: infected
80ca096a0d229900a697be7595d65730a8e7fa1de3bdc015578e87ec996ebd4b.exe.exe windows:4 windows x86 arch:x86
baa93d47220682c04d92f7797d9224ce
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
comctl32
InitCommonControls
Sections
Size: 39KB - Virtual size: 96KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 4.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
vbffrdhs Size: 3.7MB - Virtual size: 3.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
ygzyhipq Size: 512B - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE