Extended Key Usages
ExtKeyUsageCodeSigning
Behavioral task
behavioral1
Sample
so7036c/Defender_Settings.vbs
Resource
win11-20240802-en
Target
so7036c.rar
Size
446KB
MD5
9f3cbb783955378db7a59eeddea251ea
SHA1
5b5c6ffe4d6fdb42848cbd4c0fb8918ff34f8b90
SHA256
46dff78f5687b905125904a7ed7387d4eac539ed4adae703a950e61718132b82
SHA512
373c928c346dea8d1f842e89596abd3d279424292f54983b9351857bd1d2f797200b12d46b11d2b9d54d2864e0b90a5a72ebcbc44897827642af4aca33acdb08
SSDEEP
12288:1fQ6gBuJBOMZ5i2FLv9Qx9/Lfj2u0hki6WtMdWVyy:eBuJBK2kzjRWgED
resource | yara_rule |
---|---|
static1/unpack001/so7036c/dControl.exe | upx |
AutoIT scripts compiled to PE executables.
resource | yara_rule |
---|---|
static1/unpack002/out.upx | autoit_exe |
Checks for missing Authenticode signature.
resource |
---|
unpack002/out.upx |
ExtKeyUsageCodeSigning
KeyUsageCertSign
KeyUsageCRLSign
ExtKeyUsageTimeStamping
KeyUsageDigitalSignature
ExtKeyUsageTimeStamping
KeyUsageCertSign
KeyUsageCRLSign
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ