Static task
static1
Behavioral task
behavioral1
Sample
SPOKEN V1.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
SPOKEN V1.exe
Resource
win10v2004-20240508-en
General
-
Target
SPOKEN V1.exe
-
Size
37.7MB
-
MD5
4845c035ba2d9dcfab0291e8ceafb5c6
-
SHA1
bede5fadcc6f1efb8bcdc43a72fe3b51fc94420c
-
SHA256
e6aa8ee51c8aed75218c285d0741e944ca01b5d5f8321e52c91b58540143ade1
-
SHA512
cda12decdcd5dad60462506562c671e43986374f2d5b72e36326d78763736269055a13116e8893ab05219b3301eeb295a4c53e3fbeb76d841604a3efc2c87155
-
SSDEEP
786432:OrxOzdy/1EBJNYSyiOm9OHDK6udkVp5k0q:O0p1nYekDK52md
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource SPOKEN V1.exe
Files
-
SPOKEN V1.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 37.7MB - Virtual size: 37.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ