C:\Users\James\Documents\Visual Studio 2017\Projects\SharpMonoInjector\SharpMonoInjector.Gui\obj\Release\smi_gui.pdb
Static task: static1
Behavioral task: behavioral1
Sample: e0d25e982293a424a36c37dd778100785d24e24a0318e2111b2991c3a1ace120.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: e0d25e982293a424a36c37dd778100785d24e24a0318e2111b2991c3a1ace120.exe
Resource: win10v2004-20231215-en
General
Target: 1d89bb27ef47c0b20d7d3738c72b7585.bin
Size: 36KB
MD5: daa4ec0c7fb26ed8d672c229ee4dd040
SHA1: 249f4bb7e4d07ae76662969a2ba6ba28c9f50c91
SHA256: 7024d3a6f2c10d9294975d94ae6413ba119936bf10d1539c6f73ef93bd2b8ee3
SHA512: 15605a78edbcf1635cdfc932fdeb6bffb92e8dbbd7fc50e58d5c9713875e225329a62a5baa745325a9653d2f508a7f060c54e234eb50bf07aba40c991acdfea8
SSDEEP: 768:AykNpdFulTtY3ZBU/qOQ1fKWDrWooxCYmeKR435bB9P:APuNtIZBUiOIDrdZRqP
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/e0d25e982293a424a36c37dd778100785d24e24a0318e2111b2991c3a1ace120.exe
Files
1d89bb27ef47c0b20d7d3738c72b7585.bin.zip
Password: infected
e0d25e982293a424a36c37dd778100785d24e24a0318e2111b2991c3a1ace120.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 226KB - Virtual size: 225KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ