Static task
static1
General
-
Target
luythen-0.5.4.exe
-
Size
2.5MB
-
MD5
5b40e0db4e86ed3666f2ba8eda665c20
-
SHA1
d5d18673b312dba25244e162925fded54e599040
-
SHA256
4edad8582c9e616cfb6b6ef3b968d99dd5ae5f3c8d25eeafaa58e484c8c0956e
-
SHA512
da8d1f1f237e3fa5f21be2529d5c39cad7cb219cc0587b792d96f8d0ce833dbd3009b290bc0411d8c31b64c6d440e58672ea03e084391b3c06357b9eae70e9a9
-
SSDEEP
49152:fkR26rfBsTYLH/L7xVmFCOsaYjUaNsFYlW42h+:f82yZsofL7xbOsBjUaNsv+
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource luythen-0.5.4.exe
Files
-
luythen-0.5.4.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 88KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ