C:\Windows\Containers\Confidential\DotnetGenerator\Stub\Projects\Fallkyriya\obj\Release\Fallkyriya.pdb
Static task: static1
Behavioral task: behavioral1
Sample: c2397ab357eae308b98360110c809e8e63d48d7b8b88449615a5a252354b2c60.exe
Resource: win7-20240221-en
General
Target: c2397ab357eae308b98360110c809e8e63d48d7b8b88449615a5a252354b2c60
Size: 745KB
MD5: a2fae54266cb96924d3a16fef3b39122
SHA1: 4b0507361804b6579d80642f3375604690bbf07b
SHA256: c2397ab357eae308b98360110c809e8e63d48d7b8b88449615a5a252354b2c60
SHA512: f94578821bf2755bacd9cb668f8df3554e4a7e7247eca32a3814abab7180d2060ed4a77a76fe12130c1aeba09bf95ac9a3e896ae4681ce2e9cf28951331c81af
SSDEEP: 12288:Hdyr89smmxgbHwwTkOk9SmRBR0dn2mL/8iHsbRgTsI0rtAjmaY:Hd+gfawTJatOt2mouGaY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource c2397ab357eae308b98360110c809e8e63d48d7b8b88449615a5a252354b2c60
Files
c2397ab357eae308b98360110c809e8e63d48d7b8b88449615a5a252354b2c60.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Sections
.text Size: 32KB - Virtual size: 31KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 133KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ