Static task: static1
Behavioral task: behavioral1
Sample: 20e3320ed125693938485c94c8ebf1a981ed2d717bba86f137a4b327757946fe.exe
Resource: win7-20240221-en
General
Target: db6bf30fd61d330a5466459124fd4f21.bin
Size: 774KB
MD5: f15af01024cff734e85df58c88d7a593
SHA1: e25ccf07d55b2c75fd57e5e571e4b7f9f65cd0a5
SHA256: e8c888ad87c5b9e62670edca84a5fa468cd92ad1137beb727cfb42e8b327d03c
SHA512: b1a01c94806335478204dbab9e7987a616d01ccf047b82f6fb6ee1d5d70ba5369ad67fd335562a2fb26203a0cbc9102f6f452f142c3d8598daee31f0110fb7df
SSDEEP: 24576:9ssVnQkufFke61o6k/0hHaYR8wNrPsWKV:9bnYjqXk/0FZnNUr
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/20e3320ed125693938485c94c8ebf1a981ed2d717bba86f137a4b327757946fe.exe
Files
db6bf30fd61d330a5466459124fd4f21.bin.zip
Password: infected
20e3320ed125693938485c94c8ebf1a981ed2d717bba86f137a4b327757946fe.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 628KB - Virtual size: 628KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 268KB - Virtual size: 268KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ