Static task
static1
Behavioral task
behavioral1
Sample
efbadf6608789bb0cf7196978b4d71df.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
efbadf6608789bb0cf7196978b4d71df.exe
Resource
win10v2004-20231127-en
General
-
Target
efbadf6608789bb0cf7196978b4d71df.exe
-
Size
685KB
-
MD5
efbadf6608789bb0cf7196978b4d71df
-
SHA1
cafd7cd91642a2753f8a1c50a9260cd24ec6d280
-
SHA256
bbd571c10577d25dcdb8b4302d9e2cd872d824fb6df542997fc4819bbce147b6
-
SHA512
aeb7c9ff28e307f47eef2230313a73c4bdd2ec106c019754165a74a93136448790ca96ab72475c4aeb9e91ef6180db7d3349afedb02549057e267c35cd48f994
-
SSDEEP
12288:rCQRJ0IkziYn3v1mPnxZeTzddvHl9VGe9ClflNrf/sXqZ2:lRJ6zJG3eTzHHXLClf7r3x4
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource efbadf6608789bb0cf7196978b4d71df.exe
Files
-
efbadf6608789bb0cf7196978b4d71df.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 673KB - Virtual size: 672KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ