Static task
static1
Behavioral task
behavioral1
Sample
pavan.exe
Resource
win7-20230712-en
General
-
Target
pavan.exe
-
Size
212KB
-
MD5
2d20910beb6db5471737edd427731dc9
-
SHA1
b2229dd6849b53ee2e2048460b3c876e19ecf4b1
-
SHA256
e0ab9cb803607ae567be2c05100b818c90f21161918ea5a55b999f88d0b99e94
-
SHA512
1a63a1abdc42ce8e60eae3fa4d0cc350b4f2324d608ac8806605281949c9875c8faa5ae7d2c39e64ea455d6ffd50ca574988edd0e919e97b4fda32dfad00c761
-
SSDEEP
3072:jFNLSeODpJpfYTCOoShKmECPTKBWFPkl6WQreEmUw69bqjD1JxQP:jFAUCOoSEmkWeILeE9w69bqHy
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource pavan.exe
Files
-
pavan.exe.exe windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Imports
mscoree
_CorExeMain
Sections
.text Size: 209KB - Virtual size: 208KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ