Static task
static1
Behavioral task
behavioral1
Sample
a5a3067e6a3c4e957152655df5c68ce4db77f8308feff43c53e7535031033be5.exe
Resource
win7-20240221-en
General
-
Target
e97620420d37596704d9f4fa70303453.bin
-
Size
546KB
-
MD5
77496d0b603649e6ecaf38ac15d0567b
-
SHA1
c5062fe7d01dd1a5273aec8f472ddba650868df2
-
SHA256
89ec5c0d8c32482281b1493fe7075d790cc2fc62ff3e2c7f81fbe27c4913e2de
-
SHA512
1b0d41c8817fe9c5a9fa7ff7b62f5c3cc61400c804fe6db7662d5099819c050b2cc5f70e9549f57c1b9fb934ce5900ba901a8145d4386d5eab4ef6190f916c83
-
SSDEEP
12288:bJApYXrp0Jm7uQJDVvLTbeamYP2WIv50f7x6/acdpN1ZC:lAdIJ3G9WIKfl6C6zC
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/a5a3067e6a3c4e957152655df5c68ce4db77f8308feff43c53e7535031033be5.exe
Files
-
e97620420d37596704d9f4fa70303453.bin.zip
Password: infected
-
a5a3067e6a3c4e957152655df5c68ce4db77f8308feff43c53e7535031033be5.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 574KB - Virtual size: 572KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 6KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ