C:\Users\TJ\AppData\LocalLow\Colossal Order\Cities Skylines II\.cache\Modding\Burst\burst-aotcf3unlx5.v45\Anarchy_win_x86_64.pdb
Static task
static1
Behavioral task
behavioral1
Sample
1aaa4b9d30ba353c7b4e526d96ff7540N.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
1aaa4b9d30ba353c7b4e526d96ff7540N.dll
Resource
win10v2004-20240709-en
General
-
Target
1aaa4b9d30ba353c7b4e526d96ff7540N.exe
-
Size
11KB
-
MD5
1aaa4b9d30ba353c7b4e526d96ff7540
-
SHA1
bec95d06f4daf727de42dc0153380234cd2064bd
-
SHA256
24d45558656b0aa8e40ae6c7ae901cf3e6622e9a0c67083d1ae71b3ea9e5eebf
-
SHA512
a869b5f8dc8d5a67f5205c46e2c9820766ef519eb1a8793291adeffe3394c539605061eabf0aeedd2aa7a8587e3015235acb09d9aedfd3767385fa04a90d50eb
-
SSDEEP
192:n00y2RDllJynh7UrouScacEdh2IBYEjxe3oEjAgQq6JvvRLJtT:tnDllgnhg7ScIeIBYEQoEByHT
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1aaa4b9d30ba353c7b4e526d96ff7540N.exe
Files
-
1aaa4b9d30ba353c7b4e526d96ff7540N.exe.dll windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
PDB Paths
Exports
Exports
burst.initialize
d75baf3168122f01522eaab9fda098ff
ec43e8b2557bedac5a93fa18ae121594
Sections
.text Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 1024B - Virtual size: 760B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 512B - Virtual size: 584B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 512B - Virtual size: 204B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ