Behavioral task
behavioral1
Sample
e380aa31cbab9de96bc58b325bc8cf021b31e8a315ea08ad387f6d1b5d1cbcb8.exe
Resource
win7-20241023-en
General
-
Target
e380aa31cbab9de96bc58b325bc8cf021b31e8a315ea08ad387f6d1b5d1cbcb8
-
Size
472KB
-
MD5
2d837f452a1652f40bc5343ff326cf06
-
SHA1
df9d7b964711698e1bf79c0ea1e486b29116ff9c
-
SHA256
e380aa31cbab9de96bc58b325bc8cf021b31e8a315ea08ad387f6d1b5d1cbcb8
-
SHA512
d8a98610b7e71bf8f8e4869cc3cfa759755e6cb20c64592c21efea0c8e2def65a3161f412c9eb93489bb970bb62a5e8e1c3f095d444a7d2c2f84bba7a18bda65
-
SSDEEP
3072:h38RinudiP52xx67lLdEiHDoF9gBGwJw7bIOG:hskgiPA6RqPF9gBGwJwoOG
Malware Config
Signatures
-
Berbew family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e380aa31cbab9de96bc58b325bc8cf021b31e8a315ea08ad387f6d1b5d1cbcb8
Files
-
e380aa31cbab9de96bc58b325bc8cf021b31e8a315ea08ad387f6d1b5d1cbcb8.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 52KB - Virtual size: 52KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bss Size: 124KB - Virtual size: 124KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.flh Size: 268KB - Virtual size: 268KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ