Behavioral task
behavioral1
Sample
bb601e797c0f568dec746e5328bf7eaedf5d693ed9d1294003537c83e8ea1be8.exe
Resource
win7-20241010-en
General
-
Target
bb601e797c0f568dec746e5328bf7eaedf5d693ed9d1294003537c83e8ea1be8
-
Size
472KB
-
MD5
5087edf50323c1cad653c0306e212855
-
SHA1
9f0a6e701ebde9cdf8fad6b68238b60f34aff2e6
-
SHA256
bb601e797c0f568dec746e5328bf7eaedf5d693ed9d1294003537c83e8ea1be8
-
SHA512
cf2607a4e5ed58f5d24aa286c20abfa326de44904026052d222f3c11127cafa0fbcd68fc188e9ebcd62b9101105834bb860dcdef1ce0e028371c8a2613e1ae20
-
SSDEEP
3072:b8RinudiP52xx67lLdniHDoaQkSI//FRj2XE5KBQXnQMvaro8:okgiPA6RhPaiAfqXuKBQXQQZ8
Malware Config
Signatures
-
Berbew family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource bb601e797c0f568dec746e5328bf7eaedf5d693ed9d1294003537c83e8ea1be8
Files
-
bb601e797c0f568dec746e5328bf7eaedf5d693ed9d1294003537c83e8ea1be8.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 52KB - Virtual size: 52KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: 124KB - Virtual size: 124KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.flh Size: 268KB - Virtual size: 268KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ