Dkxthk
Dkxtts
Behavioral task
behavioral1
Sample
3e304e52fd28be8e7ffd9e03ece9288068751a6c8f97c9a988ce57d402f25456.dll
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
3e304e52fd28be8e7ffd9e03ece9288068751a6c8f97c9a988ce57d402f25456.dll
Resource
win10v2004-20230220-en
Target
3e304e52fd28be8e7ffd9e03ece9288068751a6c8f97c9a988ce57d402f25456
Size
620KB
MD5
4437e0a458174774c05c618273e92d99
SHA1
1196842b5eb9a1e0d7449b2725ea712253b98d6e
SHA256
3e304e52fd28be8e7ffd9e03ece9288068751a6c8f97c9a988ce57d402f25456
SHA512
f10aa8e922316f01d2012116690891cfef254abe4b5765ac1dc3e4a039dcfcb3c664d295209c86d77074806f1a57b362721cf2388fd8b7e2742065b57c589d92
SSDEEP
12288:oe5lobIaVzQ1/huqj7JzCrUrjZa9cs/67aivFLRX:oyolo/RzycZ6i7aQ
Processes:
resource | yara_rule |
---|---|
sample | aspack_v212_v242 |
Checks for missing Authenticode signature.
Processes:
resource |
---|
3e304e52fd28be8e7ffd9e03ece9288068751a6c8f97c9a988ce57d402f25456 |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Dkxthk
Dkxtts
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE