Static task
static1
Behavioral task
behavioral1
Sample
65ac9daf3070161ac996fb8946632599547f1c9450d7dcd0f8dc1c85b4e8b3b7.exe
Resource
win7-20241023-en
Behavioral task
behavioral2
Sample
65ac9daf3070161ac996fb8946632599547f1c9450d7dcd0f8dc1c85b4e8b3b7.exe
Resource
win10v2004-20250217-en
General
-
Target
65ac9daf3070161ac996fb8946632599547f1c9450d7dcd0f8dc1c85b4e8b3b7.zip
-
Size
149KB
-
MD5
e32c2b2810fdf8d277b9e9f95b273042
-
SHA1
4382a3a1e6965f4e0bea5200a4d5d8e92c083e06
-
SHA256
591c9b81e7db60504efbdd41d6c6f67c62f6782bb514b7d80feaf36193be365c
-
SHA512
63d0505d864fc4246e0afcd825696ed6862f624ae8ff50661b77b0cdcefb08c5c135cab012bef8832f7f38859c0747cd056f4d9460777c7eef79216f32c39490
-
SSDEEP
3072:WALVDe5HbpF3fWOptj5x7UwIGbhDjXXRrFGvkBYo96hDHwk3cApi:WwDiT355UUbhXRxUaYo96hhMB
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/65ac9daf3070161ac996fb8946632599547f1c9450d7dcd0f8dc1c85b4e8b3b7.exe
Files
-
65ac9daf3070161ac996fb8946632599547f1c9450d7dcd0f8dc1c85b4e8b3b7.zip.zip
Password: infected
-
65ac9daf3070161ac996fb8946632599547f1c9450d7dcd0f8dc1c85b4e8b3b7.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 241KB - Virtual size: 241KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ