EeBu.pdb
Static task
static1
Behavioral task
behavioral1
Sample
191239a61c70ba900694d294a164f4a162b84d11672871fbb5389967bbf52c7e.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
191239a61c70ba900694d294a164f4a162b84d11672871fbb5389967bbf52c7e.exe
Resource
win10v2004-20240319-en
General
-
Target
191239a61c70ba900694d294a164f4a162b84d11672871fbb5389967bbf52c7e.exe
-
Size
533KB
-
MD5
654c1586b15a278983493f57f72cacb7
-
SHA1
5b6df8769764505ffdb7691ac2150d4327eb8104
-
SHA256
191239a61c70ba900694d294a164f4a162b84d11672871fbb5389967bbf52c7e
-
SHA512
0261b627ed3e545a73868d559497fe44060fe9f62e98f6abd1b315c76461fd923e15eff017071d4c3670acd46e79aa4d6c5b0779a3005a1dc414007bd3b2264f
-
SSDEEP
12288:oBUHz1PozcOXiblkQN6gK+papl9P3oZihQbQXMKPDq:oGHzqBaiG6oaP9P3SihQb0b
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 191239a61c70ba900694d294a164f4a162b84d11672871fbb5389967bbf52c7e.exe
Files
-
191239a61c70ba900694d294a164f4a162b84d11672871fbb5389967bbf52c7e.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 530KB - Virtual size: 530KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ