Static task
static1
Behavioral task
behavioral1
Sample
542d6e28fa21ca093f75532f1dcdae0b4e4dae956cf4a0256ce28cf8c9ac05e8.exe
Resource
win7-20240903-en
General
-
Target
b9d684e2aa48529ee87c3b990311e091e94408b07d5cd77e16d0de0023e21405
-
Size
482KB
-
MD5
f7967e9d33d845d0f83c3dfc0ae8db38
-
SHA1
15c27e2b3242189b0bf07018d41d06a8ab7385ee
-
SHA256
b9d684e2aa48529ee87c3b990311e091e94408b07d5cd77e16d0de0023e21405
-
SHA512
b144ed6732a6085b2c7ff162b3820db27f515dbc06d6b0f022a66bab48110e3feb4878960f2120492737b35cde72059fea705c5ee527766c2dbb33944eb85cf0
-
SSDEEP
12288:dA5wTZEaOveXlsh+XciK43e77ysku+EsVRB:HEpeVsUXciK43e3yskuwDB
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/542d6e28fa21ca093f75532f1dcdae0b4e4dae956cf4a0256ce28cf8c9ac05e8
Files
-
b9d684e2aa48529ee87c3b990311e091e94408b07d5cd77e16d0de0023e21405.zip
Password: infected
-
542d6e28fa21ca093f75532f1dcdae0b4e4dae956cf4a0256ce28cf8c9ac05e8.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 505KB - Virtual size: 505KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 51KB - Virtual size: 50KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ