qQQg.pdb
Static task
static1
Behavioral task
behavioral1
Sample
3fe3583b88bdd323f3472c53cc4e539423576694421176542a65473a1860cf77.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
3fe3583b88bdd323f3472c53cc4e539423576694421176542a65473a1860cf77.exe
Resource
win10v2004-20240226-en
General
-
Target
3fe3583b88bdd323f3472c53cc4e539423576694421176542a65473a1860cf77
-
Size
727KB
-
MD5
9f185fb71c269d1f66c3838afbc83813
-
SHA1
843022ec4c61214d95206cb715ec44861bd45103
-
SHA256
3fe3583b88bdd323f3472c53cc4e539423576694421176542a65473a1860cf77
-
SHA512
f6fb6861eec520275660d662901cf463206f094df2d961e82632c7666b33c3e4be17fa5e0250df4d8185ff8f443475aaef2e27b1c4069d8871e179d42f68b966
-
SSDEEP
12288:/VniETpboDXj7O2klceKOe0GAF0dJmpyaZjo5ZqzMxad00On1Xv8mY4p36wRh9aI:d7bEunLRA/mpViuMwJ08n4p36w84vrv
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 3fe3583b88bdd323f3472c53cc4e539423576694421176542a65473a1860cf77
Files
-
3fe3583b88bdd323f3472c53cc4e539423576694421176542a65473a1860cf77.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 690KB - Virtual size: 688KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 20KB - Virtual size: 19KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 2KB - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ