Static task: static1
Behavioral task: behavioral1
Sample: 4c38813ca8fc7a8a94acab611b0d5a8f64592e6c8e5df52e35b7182cdec8dab0.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 4c38813ca8fc7a8a94acab611b0d5a8f64592e6c8e5df52e35b7182cdec8dab0.exe
Resource: win10v2004-20240704-en
General
Target: 68bcd11da168bcd33c61adfe6cf8b2b3.bin
Size: 784KB
MD5: b35aee65729703f33cfea0a361b8857f
SHA1: 8262f12e223e2becf328e71593c83106e2a5fb7e
SHA256: 9007e48e96d61bd39071800d148a9c9817ece0ef5ec22e71ddef419b179d352a
SHA512: 376828ed398be84968ec2caf16805d179f56eb51add602dbf0bf91a4cc2f1f54405f059119bdf99ca6ed4a460f3e90b264ce7e1371f84ef41fbc398e449532e6
SSDEEP: 12288:LJhLqBl6+GGlsoWPc0u5WSIkWieIDlYiJH29doeCUY9EFhfGh1KtXubpEdFvQubp:LJhquGGcb5tMVI5J29doexbFYmFYu1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/4c38813ca8fc7a8a94acab611b0d5a8f64592e6c8e5df52e35b7182cdec8dab0.exe
Files
68bcd11da168bcd33c61adfe6cf8b2b3.bin.zip
Password: infected
4c38813ca8fc7a8a94acab611b0d5a8f64592e6c8e5df52e35b7182cdec8dab0.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 800KB - Virtual size: 800KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 25KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ