C:\Windows.old\Users\ArizonaCode\Documents\Visual Studio 2013\Projects\LOGON\LOGON\obj\Debug\LOGON.pdb
Static task
static1
General
Target
DeriaLock.zip
Size
210KB
MD5
016d1ca76d387ec75a64c6eb3dac9dd9
SHA1
b0a2b2d4d639c6bcc5b114b3fcbb56d7c7ddbcbe
SHA256
8037a333dfeca754a46e284b8c4b250127daef6d728834bf39497df03006e177
SHA512
f08653184d7caf48e971635699b17b9502addb33fb91cc6e0a563e6a000aeb57ac0a2edd5a9e21ef99a4770c0dbb65899150fa5842b0326976a299382f6be86e
SSDEEP
6144:rly5xPXQYQtWnwNRIPbk7DLJSa/tJru36a6fijJ5/j:rly5xPXQQwIY7sax75fizb
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/[email protected]
Files
DeriaLock.zip.zip
Password: mysubsarethebest
[email protected].exe windows:4 windows x86 arch:x86
Password: mysubsarethebest
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 313KB - Virtual size: 313KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.sdata Size: 512B - Virtual size: 312B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 168KB - Virtual size: 168KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ