cocS.pdb
Static task
static1
Behavioral task
behavioral1
Sample
Etkt9oJ08ZyhAlm.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
Etkt9oJ08ZyhAlm.exe
Resource
win10v2004-20240802-en
General
Target
13082024_1658_13082024_Proformapdf.gz
Size
896KB
MD5
a945d0599011f097eef459db89b2297a
SHA1
0f58c2365fae6356d39e8c3d2a4603da757a8e91
SHA256
537aface17aa6df726d93385184f5f4d1803cf3746790c3d80ff1feac8df052e
SHA512
c98a73642ec144500ad379dbc1506c06f1df58a169fe3c49b1da5123697623f451a1b4978d4d9301c331eb1b778766b31082a90542accefb7910a048fc171857
SSDEEP
24576:hh8L6f/WSmeLXvggQF6KgoM7afnhM0g2PMk5tRl6ncW6EK:hh06f/WOLXvgt6Kg77a5M0g2P16ncW6z
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/Etkt9oJ08ZyhAlm.exe
Files
13082024_1658_13082024_Proformapdf.gz.rar
Password: infected
Etkt9oJ08ZyhAlm.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 907KB - Virtual size: 907KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ