C:\Windows\Containers\Confidential\DotnetGenerator\Stub\Projects\HFayo\obj\Release\HFayo.pdb
Static task
static1
Behavioral task
behavioral1
Sample
JUSTIF.TRANSF..exe
Resource
win7-20240221-en
General
Target: JUSTIF.TRANSF..exe
Size: 798KB
MD5: fb029eca94061f0186fc8701bdc85c77
SHA1: 08231601ad4894e80dc1bd323456ed5e4cacb13c
SHA256: d2a44cec8dbbd996cc4b5780f907f33fd4040c44519653503f4b17f3288149a6
SHA512: f46da4da503d580eb9fb9648141375f1a5c244d6832a7c426d65337d0e7cec6f515ae1ee9a0921002c4d04b99b01b09775ffe8823e9a557f0ff78aee57cf07d4
SSDEEP: 12288:R6dum27u49Zr7EwcCiCXZHvyK7m2GtW8rTRpJ9ShOWQ7G/GFH9eo:R6dufltdcCpPyPW8rTRp6I8+deo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource JUSTIF.TRANSF..exe
Files
JUSTIF.TRANSF..exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Sections
.text Size: 88KB - Virtual size: 87KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 132KB - Virtual size: 131KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ