Static task
static1
Behavioral task
behavioral1
Sample
probably.exe
Resource
win7-20240611-en
Behavioral task
behavioral2
Sample
probably.exe
Resource
win10v2004-20240508-en
General
-
Target
probably.exe
-
Size
5.1MB
-
MD5
69ef76003323b61675bc693a0f01de54
-
SHA1
96d0287e215dc5f2b8b4d5476c3fa08f6f071993
-
SHA256
85828782dd62bcdd8e87d7543ce624be9068c14ae072c0c08230b8bf206f4848
-
SHA512
af0233c83055745943e0559a681a044b18792b3c2919a5e66a9710d6433bcb281d9e339140a4e64c1209c5784332a267c74e37212ab6e8f5adedcc004b4d1265
-
SSDEEP
49152:Y1oVV1BCjBYkwwpim9dWWRh3c8VV1BCjBjdWWRh3akwwpCmk:bDH6j041l
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource probably.exe
Files
-
probably.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 5.1MB - Virtual size: 5.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ