C:\Windows\Containers\Confidential\DotnetGenerator\Stub\Projects\HFayo\obj\Release\HFayo.pdb
Static task
static1
Behavioral task
behavioral1
Sample
9b6287ed088ca9a4d43602c95f045bafb0f17214412a749d27a5b2c126c8edb7.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9b6287ed088ca9a4d43602c95f045bafb0f17214412a749d27a5b2c126c8edb7.exe
Resource
win10v2004-20240319-en
General
Target
9b6287ed088ca9a4d43602c95f045bafb0f17214412a749d27a5b2c126c8edb7.exe
Size
668KB
MD5
b2ebfbb63f7ccdff15e24e4ff801c986
SHA1
584079acf1abc206fca557907ab0c258ebc21a9a
SHA256
9b6287ed088ca9a4d43602c95f045bafb0f17214412a749d27a5b2c126c8edb7
SHA512
dd8d4b655504786999696f2603b915351d2daab578568f8ea181fdb54aa5eb420d2f02937eab6d6649562c243bba5259d26e04a19a0c48b894037a66dc48afe2
SSDEEP
12288:zuLD9C9DaFlVqcwO9kuereZz5WgZtjs1Ux6xdE0Is0JAIActwqk67tjbFRU:zsuMA7O9nZQktjs1+ps0CI1Ox6nRU
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 9b6287ed088ca9a4d43602c95f045bafb0f17214412a749d27a5b2c126c8edb7.exe
Files
9b6287ed088ca9a4d43602c95f045bafb0f17214412a749d27a5b2c126c8edb7.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Sections
.text Size: 87KB - Virtual size: 86KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ