Static task
static1
Behavioral task
behavioral1
Sample
dd93e71cdd590d9c74d24a1b822948e7501b7a38df590d4d52ddf3e862a0cb2d.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
dd93e71cdd590d9c74d24a1b822948e7501b7a38df590d4d52ddf3e862a0cb2d.exe
Resource
win10v2004-20240508-en
General
-
Target
0c5a964f9cbf2fec077302e6baa7316f.bin
-
Size
484KB
-
MD5
b0b2b923715bb70bcf554992a3325bd4
-
SHA1
879946d6549479067ac1f5ce74dc3ce42472f44e
-
SHA256
1d9f675236f0a1cc224f9c876e929f947cb422311f7d8bff91a26ab69bb25d66
-
SHA512
c4806871c733ffece443b0f67a172b9dfa3a2cc25b8545a585b6522b5b8f26ae549b74df7f8d76ee2e5c563fef0255358c9521ff6c196198476759fa252807b6
-
SSDEEP
6144:XTnv7USvg2qooUqFXOpS7hjx27+X5UbsLE5bjhqrBngxTac3XKAWUiQxMoMET7vC:jDU52qqkepEx761vqKNHvTLMo5USPfI
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/dd93e71cdd590d9c74d24a1b822948e7501b7a38df590d4d52ddf3e862a0cb2d.exe
Files
-
0c5a964f9cbf2fec077302e6baa7316f.bin.zip
Password: infected
-
dd93e71cdd590d9c74d24a1b822948e7501b7a38df590d4d52ddf3e862a0cb2d.exe.exe windows:4 windows x64 arch:x64
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 13KB - Virtual size: 13KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ