fCFH.pdb
Static task
static1
Behavioral task
behavioral1
Sample
296644cbf62c9afb38038bba97812923c98c82c0d2413366225afcaa405fb8d0.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
296644cbf62c9afb38038bba97812923c98c82c0d2413366225afcaa405fb8d0.exe
Resource
win10v2004-20240226-en
General
-
Target
296644cbf62c9afb38038bba97812923c98c82c0d2413366225afcaa405fb8d0
-
Size
701KB
-
MD5
327c191bb646304011467099c3f34bf7
-
SHA1
7aeb7022116dc9276e0043cbf06d933cf912a9ae
-
SHA256
296644cbf62c9afb38038bba97812923c98c82c0d2413366225afcaa405fb8d0
-
SHA512
91651f184cedeb5f201a6086d2aa99d1c554aa95daa324d0cba88dda379dcdc7aa29c3db7831c79d465770a6db4f334166726660c2eb9f78b0182046eb68dcdd
-
SSDEEP
12288:0KcFtImAFhhs+0Y6S415FauQ/xtO3UW67qGUt64BnP7d2qPV7ldeKwm7KR/:0K061Fhhs7Y6/XFDQkLGqG6P7d2qPJls
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 296644cbf62c9afb38038bba97812923c98c82c0d2413366225afcaa405fb8d0
Files
-
296644cbf62c9afb38038bba97812923c98c82c0d2413366225afcaa405fb8d0.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 698KB - Virtual size: 698KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ