C:\Users\Charlie\source\repos\WindowsHealthCheck\WindowsHealthCheck\obj\Release\WindowsHealthCheck.pdb
Static task
static1
Behavioral task
behavioral1
Sample
c31385585e430e79afdf94955773e89629be07885639c68461a32c8462c4e0bf.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
c31385585e430e79afdf94955773e89629be07885639c68461a32c8462c4e0bf.exe
Resource
win10v2004-20240802-en
General
-
Target
d441cf99150f3cfcb223fd9bde1bc6e9.zip
-
Size
1.0MB
-
MD5
588b3fe9047765bd9d7ddd582483c809
-
SHA1
03754d0c170c2850c72d8a6b84a845cd05c1ebed
-
SHA256
ce3c425374f19408fc91492a40a6dbc184cfdc6ad2db5738f5fc7483b5aa02fb
-
SHA512
4c7bfeac256beefae9276d4f497f25e8c48d680429e7541fb1f0f0aa0e36a55c6aae80a896592926190b4d18900ee09e7da4431b169cb2eaad18a3277ffa2e2f
-
SSDEEP
24576:B0BQmUB3Vs6Mjdch+LEIwvDdYmpVvvNLM2W66FCzoIEv:SBTUZV3Muh+LEz/JlLM2WPFCzoIEv
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/c31385585e430e79afdf94955773e89629be07885639c68461a32c8462c4e0bf
Files
-
d441cf99150f3cfcb223fd9bde1bc6e9.zip.zip
Password: infected
-
c31385585e430e79afdf94955773e89629be07885639c68461a32c8462c4e0bf.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 1.7MB - Virtual size: 1.7MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 41KB - Virtual size: 41KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ