Static task
static1
Behavioral task
behavioral1
Sample
ChamsBypasser 0.25.2.exe
Resource
win7-20231023-en
Behavioral task
behavioral2
Sample
ChamsBypasser 0.25.2.exe
Resource
win10v2004-20231023-en
General
-
Target
ChamsBypasser 0.25.2.exe
-
Size
2.2MB
-
MD5
91777922c65a9eea4cd743cf8f071f6a
-
SHA1
4e6234a91e2dbe6740f8f74ee9dd4a12f90d7b7d
-
SHA256
a45c123811794bddc1b02b77285b76b69e6a77e0e912e6f7e8eae86821b1172b
-
SHA512
4767f289b6eafadd26d485cb4fe11b651ece405994a230afa1c05f84949e6fda7749e080c7cddb953510219c4309944f176c2618f5ac2477a58b8407b715acd6
-
SSDEEP
49152:kpOfWjgYEitVwmzwGXvlBNH89kLZnTamN+qR21rDb:kpO+bEszBfhBVnT5+qRkHb
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ChamsBypasser 0.25.2.exe
Files
-
ChamsBypasser 0.25.2.exe.exe windows:4 windows x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 2.0MB - Virtual size: 2.0MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 266KB - Virtual size: 266KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ