C:\Documents and Settings\m-nakamura\My Documents\Visual Studio 2008\Projects\AVCREC\RipAVCREC\obj\Debug\RipAVCREC.pdb
Static task
static1
Behavioral task
behavioral1
Sample
9bd6070e2031ecf42928ea845d6ae128f6f8ca093c4639b4f1134f7d10d4ca7a.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9bd6070e2031ecf42928ea845d6ae128f6f8ca093c4639b4f1134f7d10d4ca7a.exe
Resource
win10v2004-20240226-en
General
-
Target
9bd6070e2031ecf42928ea845d6ae128f6f8ca093c4639b4f1134f7d10d4ca7a
-
Size
58KB
-
MD5
4db6c1d96d438c531ec333d1faf3c86d
-
SHA1
9a3b35b3c244441977d59feaf581081ebec6c14e
-
SHA256
9bd6070e2031ecf42928ea845d6ae128f6f8ca093c4639b4f1134f7d10d4ca7a
-
SHA512
fd862a1ef05f27233c946955d7171baf0355331063b32759d56660ce74d91204723ae6d896bf17389500583c40d495cb8f4665703ab2c596508c385d02a82210
-
SSDEEP
768:vTk5FuQT0pztGMZ10pKwoX+w5j+rW1B9bJmFhoX+w:vTkr0GMZYKFuw5j+rW1B9bJmFquw
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9bd6070e2031ecf42928ea845d6ae128f6f8ca093c4639b4f1134f7d10d4ca7a
Files
-
9bd6070e2031ecf42928ea845d6ae128f6f8ca093c4639b4f1134f7d10d4ca7a.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 47KB - Virtual size: 47KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ