C:\p9h8r2\obj\Release\Question.pdb
Static task
static1
Behavioral task
behavioral1
Sample
f0899e7c851aba6a5a56f41b573e7d6d041c55da0f6cda934c4710dc421d6445.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f0899e7c851aba6a5a56f41b573e7d6d041c55da0f6cda934c4710dc421d6445.exe
Resource
win10v2004-20240419-en
General
-
Target
f0899e7c851aba6a5a56f41b573e7d6d041c55da0f6cda934c4710dc421d6445
-
Size
316KB
-
MD5
23cafb389aa9def963408cf75fbdc3de
-
SHA1
42d4d3ce2fb11816af2c5589af84f005e9c107fb
-
SHA256
f0899e7c851aba6a5a56f41b573e7d6d041c55da0f6cda934c4710dc421d6445
-
SHA512
9fbbe7f20766c8f1f63f058df2702c66d041bf42c968b8c1b4528c26848b85c1d74c535e1c056e38fd2e23041950fb6cd906ead098de926948d93068eb58aecd
-
SSDEEP
6144:y+lksux78CYmXp8eq2cPYa1xwIiyRJINKpdi8bspmE7NC6j+sXE35HE:y+ksuCC/Z8rB1BisJINKpMW
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f0899e7c851aba6a5a56f41b573e7d6d041c55da0f6cda934c4710dc421d6445
Files
-
f0899e7c851aba6a5a56f41b573e7d6d041c55da0f6cda934c4710dc421d6445.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 314KB - Virtual size: 313KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ