qevU.pdb
Static task
static1
Behavioral task
behavioral1
Sample
67478aaae5e89afc20d6e29500da5a1a3a9c266976a4aae255fe9ebbe4aeef58.exe
Resource
win7-20240508-en
General
-
Target
67478aaae5e89afc20d6e29500da5a1a3a9c266976a4aae255fe9ebbe4aeef58.exe
-
Size
718KB
-
MD5
d78328c74038f352a3fc925869c72a6f
-
SHA1
40add36f173997516722233a7f77e6d5820059a0
-
SHA256
67478aaae5e89afc20d6e29500da5a1a3a9c266976a4aae255fe9ebbe4aeef58
-
SHA512
f0931df42e13e5ce3b77d5cde4532dc21cfe5cc1625b89eab5992687d33ece3baddda95d45ade93ca401605163be2990af8eb6ffccd926fd7154e5e593d7468e
-
SSDEEP
12288:hxK2iNPyCK2xrOomU7kmHS3fbjX3GQDwcpgPGEgA3ltVHkPcoN7QHNqSTmG:O15yC5m4SvbjX398td3ltVVoN7QHNqSP
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 67478aaae5e89afc20d6e29500da5a1a3a9c266976a4aae255fe9ebbe4aeef58.exe
Files
-
67478aaae5e89afc20d6e29500da5a1a3a9c266976a4aae255fe9ebbe4aeef58.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 715KB - Virtual size: 715KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ