xLcH.pdb
Static task
static1
Behavioral task
behavioral1
Sample
529119370421ca0a83e5d217440610015f5a68405d4ac3af788056f3059bba50.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
529119370421ca0a83e5d217440610015f5a68405d4ac3af788056f3059bba50.exe
Resource
win10v2004-20240412-en
General
Target
f09ce335313a6666a3633ffbbe20cf1e13651f77575265dcf30e40919161ca14
Size
657KB
MD5
b827a2d1632ae37f803165db3ea85006
SHA1
9d91b9ce4914dba6884af66d58554dc55eb81913
SHA256
f09ce335313a6666a3633ffbbe20cf1e13651f77575265dcf30e40919161ca14
SHA512
839b47b98179b68b15f23960a942c83aeaf0b38de803e66930070cab213e4f6733cfc4c8c0bb9e5a34cc49aa51549176f2ab5547e28ecfa2f723be8062ca5377
SSDEEP
12288:WC7+WLWFUovUyoCLqDdCfK4A3TxUrTX1VBdSJZYeLIK4ICMi5M44T:h+nUiqDdcQdQTFVHKf6/Vo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/529119370421ca0a83e5d217440610015f5a68405d4ac3af788056f3059bba50.exe
Files
f09ce335313a6666a3633ffbbe20cf1e13651f77575265dcf30e40919161ca14.zip
Password: infected
529119370421ca0a83e5d217440610015f5a68405d4ac3af788056f3059bba50.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 681KB - Virtual size: 680KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ