Static task
static1
Behavioral task
behavioral1
Sample
Annabelle.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
Annabelle.exe
Resource
win10v2004-20240611-en
General
-
Target
Annabelle.exe
-
Size
15.9MB
-
MD5
0f743287c9911b4b1c726c7c7edcaf7d
-
SHA1
9760579e73095455fcbaddfe1e7e98a2bb28bfe0
-
SHA256
716335ba5cd1e7186c40295b199190e2b6655e48f1c1cbe12139ba67faa5e1ac
-
SHA512
2a6dd6288303700ef9cb06ae1efeb1e121c89c97708e5ecd15ed9b2a35d0ecff03d8da58b30daeadad89bd38dc4649521ada149fb457408e5a2bdf1512f88677
-
SSDEEP
393216:UMwm0qBknxdEX+LbMUgoSZmWSmh4aaRN22ChHCMNku1y:UMcKX+Lbjgd7W1RNVC9ku1
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Annabelle.exe
Files
-
Annabelle.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 15.7MB - Virtual size: 15.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 268KB - Virtual size: 267KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ