Static task
static1
Behavioral task
behavioral1
Sample
AlienCrypterbyKGB.exe
Resource
win7-20240508-en
General
-
Target
AlienCrypterbyKGB.exe
-
Size
21.4MB
-
MD5
9c13c90792ac75308e5e0e2b1935afa0
-
SHA1
3d376ffc4ac0d241f872403fcfbe8dc095c8e24e
-
SHA256
1da411a99c55c77955ff1145f7d65bbecf2aaf18a508c5ed5eda0ca01a49a360
-
SHA512
3fa52c500c21c72f49a33a87af64d57b0fbc9d0756b122b1af566e24389663e65e8c9ab7301591748ddd02ac89adb8fcfd9004c2f109eb202a4264c962500932
-
SSDEEP
196608:VBt6Zry+AytcLI0bNPFcdwLu9YcRTd9/fcMqYmlhl9xZfJ/vSHaVSElV:bIvAd9jy9D1fh0l9xJJ/6HCSwV
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource AlienCrypterbyKGB.exe
Files
-
AlienCrypterbyKGB.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 178KB - Virtual size: 177KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ