PDB path: C:\Users\Demornay du Toit\Documents\Visual Studio 2012\Projects\Release\obj\x86\Release\Genesis I.pdb
Static task
static1
Behavioral task
behavioral1
Sample
cea4ee17a1f8251b97b7e191f52a8a64fd42f35b4bb40312c65b96d68c91af52.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
cea4ee17a1f8251b97b7e191f52a8a64fd42f35b4bb40312c65b96d68c91af52.exe
Resource
win10v2004-20240508-en
General
-
Target
cea4ee17a1f8251b97b7e191f52a8a64fd42f35b4bb40312c65b96d68c91af52
-
Size
2.4MB
-
MD5
0cdd8f3246cd482465cb82b6fc4b367f
-
SHA1
4fe9107fd47b3210a5466072c8384af6eee459df
-
SHA256
cea4ee17a1f8251b97b7e191f52a8a64fd42f35b4bb40312c65b96d68c91af52
-
SHA512
7636ca5e0c1b97ed3be9e103d273941fda0e26e4d97569d04df76421693b493fb266b8e9c0baf13b8e17bd5540369d369af7555f446aa59d82c3a8878d85752e
-
SSDEEP
49152:w/////////3/5////lsbWH2nEmdWyS7gE/3////3/3hybxYM9/6UYR00:w/////////3/5////lYdWLr/3////3/E
Malware Config
Signatures
-
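Unsigned PE (1 IoC)
Static check: the file carries no Authenticode signature. On its own this is a weak indicator, since many legitimate binaries are also unsigned.
resource cea4ee17a1f8251b97b7e191f52a8a64fd42f35b4bb40312c65b96d68c91af52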
Files
-
cea4ee17a1f8251b97b7e191f52a8a64fd42f35b4bb40312c65b96d68c91af52.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.sdata Size: 512B - Virtual size: 312B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ