vtDPk.pdb
Static task
static1
Behavioral task
behavioral1
Sample
f47a77d7238fe78b69a9052c64eb5877509e3b38e647b73a297a129bdefe7e5a.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f47a77d7238fe78b69a9052c64eb5877509e3b38e647b73a297a129bdefe7e5a.exe
Resource
win10v2004-20240611-en
General
-
Target
f47a77d7238fe78b69a9052c64eb5877509e3b38e647b73a297a129bdefe7e5a
-
Size
753KB
-
MD5
41ec13547c155db2bfcb4035368f2ddc
-
SHA1
bf1dd45f554c246225104c2f7874cdb7cab9f91f
-
SHA256
f47a77d7238fe78b69a9052c64eb5877509e3b38e647b73a297a129bdefe7e5a
-
SHA512
a0713ba4c5aab008f86c0d3947b6684e711609bdb06601c65ab142a7d60b05933dbfeed906a34a3045ddff646ef22b5e9c95168dd2aef0e30b610ac520c3c6f7
-
SSDEEP
12288:i+B2K2IU98H7+zhEpvRFOfjOIqkOc3GwGg7DCvJvzCjB1CC2TACR5leZlNc:aIUg7AGOKI7Wj6DCtCLCCMA+erC
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource f47a77d7238fe78b69a9052c64eb5877509e3b38e647b73a297a129bdefe7e5a
Files
-
f47a77d7238fe78b69a9052c64eb5877509e3b38e647b73a297a129bdefe7e5a.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 750KB - Virtual size: 750KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ