gOxa.pdb
Static task
static1
Behavioral task
behavioral1
Sample
tTbQa71UeNsVrSr.exe
Resource
win7-20240903-en
General
-
Target
tTbQa71UeNsVrSr.exe
-
Size
658KB
-
MD5
cab065bec52b2ff086ef33b66a87213d
-
SHA1
3b7dcaad22ba6adf5da170ecdc6c96975f47055d
-
SHA256
7dbfe3e815092dfd471861a962bbb464ec76438144f4cb5dd031b02eda2f8ea9
-
SHA512
eca654e71054401cabe7b4c573abc39c578e4c16b985f8762d5e47191ac0d0c30549969a88e9c95ee5ef2942656bbf1a2874a6cdab3febf47c81dba68c39c262
-
SSDEEP
12288:s0mt8/WAgeS8+dypaxRF/Q4sZjEoXNVT7YS6IXD0:sXomh8+EG/ANVT7YS62
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource tTbQa71UeNsVrSr.exe
Files
-
tTbQa71UeNsVrSr.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 654KB - Virtual size: 653KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 3KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ