rLLB.pdb
Static task
static1
Behavioral task
behavioral1
Sample
1351b990d6a707e3a6e70890c2e4a637ce36c074210bed4ed5861e111f766ecb.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
1351b990d6a707e3a6e70890c2e4a637ce36c074210bed4ed5861e111f766ecb.exe
Resource
win10v2004-20240226-en
General
-
Target
1351b990d6a707e3a6e70890c2e4a637ce36c074210bed4ed5861e111f766ecb.exe
-
Size
740KB
-
MD5
31d774bcb59137de3360dcb616cb7b5b
-
SHA1
83a1b52ebc2b0b765b27ef0566e0f762cd5a1cd9
-
SHA256
1351b990d6a707e3a6e70890c2e4a637ce36c074210bed4ed5861e111f766ecb
-
SHA512
33c7903b26f3fff20aceeafc31a1980ef017350090d7a4ee5333542b0976b29b2eaeec8f97cb5aac549f0344ff33cf0f020e319d4342d47bf5fe61a84d36c76c
-
SSDEEP
12288:kd1JsJ6S4d1Sh2iNwA4fNTq29Glbr9IjAhnoOSldKByGOFyGK5uPPaSshrQk1S:kdrw1GA4Nm2ZAW9djGOXA
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 1351b990d6a707e3a6e70890c2e4a637ce36c074210bed4ed5861e111f766ecb.exe
Files
-
1351b990d6a707e3a6e70890c2e4a637ce36c074210bed4ed5861e111f766ecb.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 724KB - Virtual size: 722KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 8KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ