C:\Users\Administrator\Downloads\92VSX0r\ni ker\Bypass\obj\x64\Release\Bypass.pdb
Static task
static1
1 signatures
General
-
Target
Bypass.exe
-
Size
218KB
-
MD5
00ded14a2aab58bdad486cc0aebc585b
-
SHA1
fe204486569c04a1160173cd6f867c7e51397fb2
-
SHA256
ef64bb0307da0e3d69a34efcef2c9674be1bd04f8acad31fdba21faecd21734f
-
SHA512
2585b31c4f84863950461d4bb0669b2dfa138d8c55fa4754ab19fe60b615dc18e164c9e08975aa8922a0c66550ed1fa73d59c3235cfc96cfbd8c3dd3cdd4f9b9
-
SSDEEP
3072:Eky8n0d+NHQUiVaHm7aod6TJ4BF2wzAQerG1OFJ25M0d+NHQUiVaHm7aod6T7ZUE:1y8JNQUVGBM14BTfcFJ46NQUVGBMZ
Score
3/10
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Bypass.exe
Files
-
Bypass.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Sections
.text Size: 216KB - Virtual size: 215KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ