Static task
static1
Behavioral task
behavioral1
Sample
cyxum.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
cyxum.exe
Resource
win10v2004-20230220-en
General
-
Target
cyxum.exe
-
Size
1.1MB
-
MD5
394c60237c9e91bf7efc4832424ef51e
-
SHA1
a176bfac5c7c3c51075a54ee852a10c560e922dc
-
SHA256
fae2d370a412eacf6f1e7ab76a43f1c8bfba253a5b6630322aaecca9978ed957
-
SHA512
e5f25f03ffe24d12ca1b390833996a2f36c4c57455f42fff9e8a0a27e2841c4e5c20b32c6860324d414e6fee2c9de69a4ed7d7780eaa9ee8302ddc9d3dd7c25c
-
SSDEEP
24576:Us/3O8IbK5HdekH+lTZeO8uTRzKJeLjEeJtIVw/5zJx7K3BUUu:V/3O8XdekHkTZBRzK2jEcIu/NDK3Bc
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource cyxum.exe
Files
-
cyxum.exe.exe windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ