Static task
static1
Behavioral task
behavioral1
Sample
0xcheats_dumped.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
0xcheats_dumped.exe
Resource
win10v2004-20231215-en
General
-
Target
0xcheats_dumped.exe
-
Size
18.3MB
-
MD5
925da05b97dd4c0c89aae368fc53a7ab
-
SHA1
b75783e2596ceb208e91f081e7002605f4a55a79
-
SHA256
3ba47d10cc8fcc773c09a52f76db8cd9c3d34819b75e2e8a32c0303122c9e932
-
SHA512
b0506d3b6eef826fa8fea90546817897c788264159ecc24a557b07c5eda71f9d558051d202f9c622ef5373fa088bd6d57aad36bee4917ea892758c453037f124
-
SSDEEP
196608:1slboh3I4lkC9L6BdW41BW/x23wYfx3COwJLLokIKkuJTmbuW1h0zUCygUyBPmnr:MELh6da2BJ7lRugbu3uudHC5AJsr
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0xcheats_dumped.exe
Files
-
0xcheats_dumped.exe.exe windows:6 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 513KB - Virtual size: 897KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
Size: 61KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 1024B - Virtual size: 1.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 512B - Virtual size: 488B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 23KB - Virtual size: 30KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
.idata Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tls Size: 512B - Virtual size: 4KB
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
./\. Size: - Virtual size: 13.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.boot Size: 8.8MB - Virtual size: 8.8MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 16B - Virtual size: 4KB
IMAGE_SCN_MEM_READ