C:\Users\user.DESKTOP-3VUNKBC\Downloads\Account\CrackAccount\obj\Debug\test.pdb
Static task
static1
Behavioral task
behavioral1
Sample
Device/HarddiskVolume4/Users/jjohnson/Music/AccountRestore.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
Device/HarddiskVolume4/Users/jjohnson/Music/AccountRestore.exe
Resource
win10v2004-20240412-en
General
-
Target
AO_RDS01_2024-04-18_16_39_30.221.zip
-
Size
13KB
-
MD5
f827a1fd82ba3c0a6e29b52c846350c4
-
SHA1
0cbaa6e35f322eb6cb783b3c78f7c2ba98c727d4
-
SHA256
704784b07c98d684e9d8bc49631f333ae54cedd94f2fbbc7ce3506ddc0f6b221
-
SHA512
00e3fe2edfffbb06dc9142e85e4e4eecf5a79e3cdcbe3a8dfc5b5b644269ae89a2ca1e87e54ea79e87c11d743fc1354ac10612589054a57df8845f171cfad469
-
SSDEEP
192:NxUpx1FrhtrHuApM3jQA2gg8qEuUlAfdxxBW2F69w3oLGkk0ZL1r8fh78eq6mk+0:NxKDtrHuApTQJluVUmoaq98578eq655X
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/Device/HarddiskVolume4/Users/jjohnson/Music/AccountRestore.exe
Files
-
AO_RDS01_2024-04-18_16_39_30.221.zip.zip
Password: Malware01!
-
Device/HarddiskVolume4/Users/jjohnson/Music/AccountRestore.exe.exe windows:4 windows x86 arch:x86
Password: Malware01!
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 26KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
-
manifest.json