Behavioral task: behavioral1
Sample: folder-4/4/777.pdf
Resource: win10-20240404-en
General
Target: folder-4-pw-badfile.zip
Size: 5.5MB
MD5: c356f61e10b385fadd246923bea4c5b5
SHA1: 5cd4d73d341730a410f4fc4ce0da3b5c03b751ef
SHA256: cb4a0d555233f1ffa56170a3559fb33cc22053d6fef7a5dff245ac1970db93b4
SHA512: 1748598ee0a6bcb6cf6696c1f3f949877bb6856a389ea510d74a257eebb1c9bde58c19e137bd2e6810e05f6ac4f2238f9df487ad25f166463ad6406f83e1e31d
SSDEEP: 98304:5VnJaRJFd/HCgZG6iQHcw7oyO1MtJP7sSZYW76OC5fItTAq9d3As8lUwbUkXePH:5GL/HCgMpQHvcAnPVZJ+QOOdt8lakOf
Malware Config
Signatures
Files
-
folder-4-pw-badfile.zip.zip
Password: badfile
-
folder-4/4/.ses
-
folder-4/4/3f9528a7-db66-4e14-ad99-3bb20b994e75.tmp.gz
Password: badfile
-
3f9528a7-db66-4e14-ad99-3bb20b994e75.tmp
-
folder-4/4/6263d8ee-35c3-4efe-a889-a1caa528eb6c.tmp.gz
Password: badfile
-
6263d8ee-35c3-4efe-a889-a1caa528eb6c.tmp.js
-
folder-4/4/777.exe.pdf
-
folder-4/4/MSIb12b3.LOG
-
folder-4/4/MSIfc7b8.LOG
-
folder-4/4/appInsights-node71ebf67a-f23a-4893-bafb-e7fd7a0f43d3/1719468866134.ai.json
-
folder-4/4/c1491b6d-eeba-4bdd-acff-25435ad38b87.tmp.pdf
-
folder-4/4/cv_debug.log
-
folder-4/4/is-M72TF.tmp/_isetup/_setup64.tmp.exe windows:4 windows x64 arch:x64
Password: badfile
35a25297eaad71a907abf55111fc7e24
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
comctl32
ord17
shlwapi
StrToIntW
StrToInt64ExW
kernel32
ReadFile
WriteFile
CloseHandle
SetConsoleCtrlHandler
SetProcessShutdownParameters
SetCurrentDirectoryW
GetSystemDirectoryW
SetErrorMode
ExitProcess
LocalFree
GetLastError
GetCommandLineW
advapi32
FreeSid
GetNamedSecurityInfoW
AllocateAndInitializeSid
SetNamedSecurityInfoW
SetEntriesInAclW
shell32
CommandLineToArgvW
oleaut32
LoadTypeLi
RegisterTypeLi
UnRegisterTypeLi
Sections
.text Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 48B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
-
folder-4/4/msedge_installer.log
-
folder-4/4/servicehub/logs/979dad25-IdentityStorageService-6412-iwy2txk1-1.log
-
folder-4/4/servicehub/logs/StorageServiceSingleton-3892-24oeddwr-1.log
-
folder-4/4/servicehub/logs/StorageServiceSingleton-3892-b0wzsbyo-1.log
-
folder-4/4/servicehub/logs/StorageServiceSingleton-3892-rxydaoop-1.log
-
folder-4/4/servicehub/logs/StorageServiceSingleton-3892-zn1boqt5-1.log
-
folder-4/4/servicehub/logs/StorageServiceSingleton-6412-3stl0v2k-1.log
-
folder-4/4/servicehub/logs/StorageServiceSingleton-6412-dklnww2r-1.log
-
folder-4/4/servicehub/logs/StorageServiceSingleton-6412-jybrzcaz-1.log
-
folder-4/4/servicehub/logs/StorageServiceSingleton-6412-yfgmyi25-1.log
-
folder-4/4/servicehub/logs/f8470a55-IdentityStorageService-3892-oplbhpnm-1.log
-
folder-4/4/wmsetup.log