C:\Bahriye_Belgeler\Dersler\MF\CPII\2014_2015\Uygulamalar\hafta7\G4\Uyg1\Uyg1\obj\x86\Debug\Uyg1.pdb
Static task
static1
Behavioral task
behavioral1
Sample
5a1d6fb77b50b2d2bd49c9f12c67a2b9cd297da41c48f9b5cb1ea7cc5fe0f4d1.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
5a1d6fb77b50b2d2bd49c9f12c67a2b9cd297da41c48f9b5cb1ea7cc5fe0f4d1.exe
Resource
win10v2004-20240226-en
General
-
Target
5a1d6fb77b50b2d2bd49c9f12c67a2b9cd297da41c48f9b5cb1ea7cc5fe0f4d1
-
Size
12KB
-
MD5
4e6f8a4842607a2f15efa089f3576ebd
-
SHA1
94b0e06eecf3881ad3eac1e9860aa6f5a6082a36
-
SHA256
5a1d6fb77b50b2d2bd49c9f12c67a2b9cd297da41c48f9b5cb1ea7cc5fe0f4d1
-
SHA512
042893fdc4df0f3967dc0a43b44a554e0d101f17d346c0c009e8f98a6e25a5d6ebbe6ea9a28bc11625414210047eaabb19b8c68d1b4bdce786c7b26fdc7202db
-
SSDEEP
192:nzkHXTvvSLa/N8CWYTUEgffoIloekVmWIIrfAPPzP5kinDgKSonjW:nzkHXTvvXWYjgffkxbrfObWinDgS
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5a1d6fb77b50b2d2bd49c9f12c67a2b9cd297da41c48f9b5cb1ea7cc5fe0f4d1
Files
-
5a1d6fb77b50b2d2bd49c9f12c67a2b9cd297da41c48f9b5cb1ea7cc5fe0f4d1.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ