C:\Users\user\Desktop\WindowsApplication17 SA.pdb
Static task
static1
Behavioral task
behavioral1
Sample
32f7bacb6356f0143c70783d6716ec79b9702582a7d6995b3b25023c86a13f3d.exe
Resource
win7-20231129-en
General
Target
32f7bacb6356f0143c70783d6716ec79b9702582a7d6995b3b25023c86a13f3d
Size
494KB
MD5
793c128268851d458f0c0ca0bc8c74ff
SHA1
53f149d1aa422ed35987bf2d664407f96e71f4ee
SHA256
32f7bacb6356f0143c70783d6716ec79b9702582a7d6995b3b25023c86a13f3d
SHA512
456ffa6daeb61d6c48a7e340ad04fb95727581efdb9ca9ed960c182ea99f554843fb0c71b45044a94dfc2950a54206f5bf2634e4306a5470872ce2efed639b12
SSDEEP
12288:WndSriQNNwrZCy8P0N2Ahn/OyeCsSJI8C/MvQuOBYTmOo9tRK:SSriBrZ18MRhn1djI/MozB2U9tw
Malware Config
Signatures
Detects executables packed with SmartAssembly 1 IoCs
Processes:
resource yara_rule sample INDICATOR_EXE_Packed_SmartAssembly
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 32f7bacb6356f0143c70783d6716ec79b9702582a7d6995b3b25023c86a13f3d
Files
32f7bacb6356f0143c70783d6716ec79b9702582a7d6995b3b25023c86a13f3d.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 481KB - Virtual size: 480KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ