Extended Key Usages
ExtKeyUsageCodeSigning
Behavioral task
behavioral1
Sample
49c9dfce83f63c77a6a8fbea5e03ee781751fed6306c7fdb4cf8659694244b30.exe
Resource
win7-20230831-en
Target
49c9dfce83f63c77a6a8fbea5e03ee781751fed6306c7fdb4cf8659694244b30
Size
129KB
MD5
20254b00201935884467b6384d6f6508
SHA1
6b40dba991a559613e73eb4e1ee0e2a2dd5fbf4f
SHA256
49c9dfce83f63c77a6a8fbea5e03ee781751fed6306c7fdb4cf8659694244b30
SHA512
a50889e03694d1d418ede40b7ea26541948a5bc7bdf90e2e0a0a0bc71fcbc548aa55d62fa898ef837c8defb01be26a34fe9060979b041fb95ec290dbdb5e293e
SSDEEP
3072:zJp3XXTwGouKRZzFPk2I111KYTI1Uk16R86:FpHXroXHMzTy1o
Processes:
resource | yara_rule |
---|---|
sample | family_ploutus |
ExtKeyUsageCodeSigning
KeyUsageDigitalSignature
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
_CorExeMain
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE