Static task
static1
Behavioral task
behavioral1
Sample
Canon_Library_patched.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
Canon_Library_patched.exe
Resource
win10v2004-20230220-en
General
-
Target
Canon_Library_patched.com
-
Size
535KB
-
MD5
9ca397c8c268958cbdc86aefdc51b752
-
SHA1
81427beb943f2515fb2e1da5f15df0ca99b1006e
-
SHA256
8fc6b34ffe487e5fe3623d985700fdec6d1eb4151c441e723751a1f5cc7e7d51
-
SHA512
5fd54d1bd976a03e76e7d402aef58b3565ff6dcc7dff9a4c3eca4d101d46508d6527efc82831c1563038951f92edbf7bcfb6b8e7f49ebd055612bb1f742d5c7a
-
SSDEEP
6144:9GwmutFCaUR6ER34xatVC37Tn41+x/JoSa33NVbrWJKyWf8NNgrfi57R:VFG6ER3UeVC34QGSUvX/f8vR
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Canon_Library_patched.com
Files
-
Canon_Library_patched.com.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 155KB - Virtual size: 155KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 378KB - Virtual size: 378KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ