RootDesign.pdb
Static task
static1
Behavioral task
behavioral1
Sample
RootDesign.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
RootDesign.exe
Resource
win10v2004-20240709-en
General
-
Target
240715-efjhcsjl3w_pw_infected.zip
-
Size
72KB
-
MD5
69f09b0edcac619101cd058fd0b2211e
-
SHA1
8c060f3faecf4f93bef60809ddd6bb87c0d07d13
-
SHA256
7ed370a6a44ce3f2f42465c5bb7a66554ac5d1780909d14aa650652029523dcd
-
SHA512
86ff303de2fccd5cf21a3d61d7045b25317560ed712eba03ab1606c55ced3289f505c101b438f3c5777610d8d6a6091c3cdb59f6d1677dfe4555afae9fb2e06b
-
SSDEEP
1536:hQXSXyRUQOjy7M6RO1oZEI1m+NGrqeVIbmTmB44SoxKWYd:2XBRAjf6bvTpbmTmB44PMWYd
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/RootDesign.exe
Files
-
240715-efjhcsjl3w_pw_infected.zip.zip
Password: infected
-
RootDesign.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
Wvs_N` Size: 39KB - Virtual size: 39KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 62KB - Virtual size: 61KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 18KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
Size: 512B - Virtual size: 16B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ