seDS.pdb
Static task
static1
Behavioral task
behavioral1
Sample
839be5e2a653b3fbd43370403d066b16e4dd22d867997b5156de621f44bf072b.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
839be5e2a653b3fbd43370403d066b16e4dd22d867997b5156de621f44bf072b.exe
Resource
win10v2004-20240412-en
General
-
Target
028be5788093b28cb81278a235abe328ece0264fbcec09e599e9251f0a87e562
-
Size
893KB
-
MD5
62405c5a2161f4598fe0fe3341ec276d
-
SHA1
93311d2e55f23499045ee219817275e8ab9b7c22
-
SHA256
028be5788093b28cb81278a235abe328ece0264fbcec09e599e9251f0a87e562
-
SHA512
4a136b73214ea0641d65e0f2af930bae3b1482c76fc24c9f50df57f96b810b664c5d7c418e33e28efc026fd128bd58ef25678f460156fe00df410e147c917580
-
SSDEEP
12288:eXrU4CWVDl7CSl/CNGtcnBm5C3WQJEYMd0gABNcI4Ynu0TaTtPRO7vHnFHE5pR76:egSblKAl54JEYMdWtnZTSt+vHnBE5PK1
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/839be5e2a653b3fbd43370403d066b16e4dd22d867997b5156de621f44bf072b.exe
Files
-
028be5788093b28cb81278a235abe328ece0264fbcec09e599e9251f0a87e562.zip
Password: infected
-
839be5e2a653b3fbd43370403d066b16e4dd22d867997b5156de621f44bf072b.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 981KB - Virtual size: 981KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ