f:\dd\vsproject\xmake\XMakeCommandLine\objr\amd64\MSBuild.pdb
Static task
static1
Behavioral task
behavioral1
Sample
85b9d2747ad3611c8f62dc338dc9c7d53e85f50f43518f1c8063469f1034fbbe.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
85b9d2747ad3611c8f62dc338dc9c7d53e85f50f43518f1c8063469f1034fbbe.exe
Resource
win10v2004-20240802-en
General
-
Target
d86e514ae05789feebb53716a4ba0f80.zip
-
Size
910KB
-
MD5
a5f1980823bb215141393b6943ede30f
-
SHA1
9f8c401609f1025abe33c3d9c2bcd8ac4bcc0cd2
-
SHA256
0520ce30672542f4fe140e67b0e5f8f5a1a16f863b17bb521b9ff6bb1cdd489e
-
SHA512
931a12ee190515c2bbcea6b266e74d043a662f2e60174c11e5f480a2520090ea8dbf57a7d51bf2d406d86c61fedbec6193255c82a59e845c8c5a5f33ef10bd1a
-
SSDEEP
24576:MPCPhsd4X8o3E6NS/6p0DQ90mz1ct6s/jkg0qtoD8:hhsnZ/6p0886s/jWU
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/85b9d2747ad3611c8f62dc338dc9c7d53e85f50f43518f1c8063469f1034fbbe
Files
-
d86e514ae05789feebb53716a4ba0f80.zip.zip
Password: infected
-
85b9d2747ad3611c8f62dc338dc9c7d53e85f50f43518f1c8063469f1034fbbe.exe windows:4 windows x64 arch:x64
Password: infected
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Sections
.text Size: 60KB - Virtual size: 57KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 12KB - Virtual size: 11KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ