Static task
static1
General
Target: fafd551638daa4ab17ebdc71f2bffd8599332b1f1e95409af51870502cd65e38.zip
Size: 1.7MB
MD5: 4c139c0588e27cbb3d5ba6f7d7be2879
SHA1: f84231e796f84946fd5d00f5cae95fc5f3c3f962
SHA256: d3bcd07cac842a5f7a0c99f07454dea366024baf3cd85fba3c12830a2c580f0a
SHA512: f1542b3700567f4e20c600785147b10c56f5fc9344b330576ca299e3d1062347927ff27ce4f0a7c50a92a9429e86c38d7c9456823984fd4c4f5720749719838f
SSDEEP: 49152:8uKokKfq7ORxpheX7v4CkZKgJEmu7zS0h+b0:DnW7ORx+z4nZKyEJ7by0
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/fafd551638daa4ab17ebdc71f2bffd8599332b1f1e95409af51870502cd65e38.exe
Files
fafd551638daa4ab17ebdc71f2bffd8599332b1f1e95409af51870502cd65e38.zip.zip
Password: infected
fafd551638daa4ab17ebdc71f2bffd8599332b1f1e95409af51870502cd65e38.exe.exe windows:5 windows x86 arch:x86
Password: infected
2eabe9054cad5152567f0699947a2c5b
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcpy
Sections
Size: 88KB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 2.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
olxddulo Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
pxsrqflz Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.taggant Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE