Static task: static1
Behavioral task: behavioral1
Sample: 9409521653887ec13272edd26f3768efb6f176b49b15a058dfcf69b9172faece.exe
Resource: win7-20240508-en
General
Target: e1a72f7e4426c8d5e849459fa7c7e476.bin
Size: 35.4MB
MD5: 4a0c55d6223fc7fdd5d5ca9b3b9ca103
SHA1: 60fe7f01ce9da9f0f1a302c1b68398172fae9b0f
SHA256: 74da0ec13e96351e76edd4d76a7d15e11d4435c366c994db740dc2875c9f4816
SHA512: e05a80027c362d7fa91bd5d05c7fe8dbb91d4e346637b41eabd80abfc444de6434834429c8070a56360489a943516606585bf59ff5f09c00ac13daf45114e0b5
SSDEEP: 786432:0+LXSUL1227MI11Z7FFhGQBfdfADE4kcEOHjFGDQEXMhPKJ8oK:RLCUL1jRFfAmt7sCMhPs8
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/9409521653887ec13272edd26f3768efb6f176b49b15a058dfcf69b9172faece.exe
Files
e1a72f7e4426c8d5e849459fa7c7e476.bin.zip
Password: infected
9409521653887ec13272edd26f3768efb6f176b49b15a058dfcf69b9172faece.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 39.9MB - Virtual size: 39.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ