C:\Users\Thomas\Desktop\free spotify\spotify clicker\obj\Release\Spotify.pdb
Static task
static1
Behavioral task
behavioral1
Sample
afa2f55e149097f9b250142bbfd94d9d56d10649c96adb079fdb0dfdac7c6660.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
afa2f55e149097f9b250142bbfd94d9d56d10649c96adb079fdb0dfdac7c6660.exe
Resource
win10v2004-20231215-en
General
-
Target
afa2f55e149097f9b250142bbfd94d9d56d10649c96adb079fdb0dfdac7c6660.exe
-
Size
1.7MB
-
MD5
5214e287e7509bb4940901996b496d4d
-
SHA1
a3fe343817dc817c091fb2b30b36600abfb062df
-
SHA256
afa2f55e149097f9b250142bbfd94d9d56d10649c96adb079fdb0dfdac7c6660
-
SHA512
c29a538c58407e46d79df33d05014ea2156cf40dec11122569d9135adfe15f6b1a038bac4dc88a3ac8b2f2aae3cb72e22cf10cdacbe621dc8d3d60d57ef18797
-
SSDEEP
24576:QLBCNLuUJ8CMxio71kiSyvrZzUeQmu1+sbkGsN9zZ4uQMWsUbMjCfxXmikVgiK:Q94Lu1C6ryhwrFQmuXuFdHWjIjCgzVz
Malware Config
Signatures
-
Detects executables manipulated with Fody 1 IoCs
resource yara_rule sample INDICATOR_EXE_Packed_Fody -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource afa2f55e149097f9b250142bbfd94d9d56d10649c96adb079fdb0dfdac7c6660.exe
Files
-
afa2f55e149097f9b250142bbfd94d9d56d10649c96adb079fdb0dfdac7c6660.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 1.6MB - Virtual size: 1.6MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 113KB - Virtual size: 113KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ