WlLockEvent
WlLogoffEvent
WlLogonEvent
WlPostShellEvent
WlShutdownEvent
WlStartShellEvent
WlStartupEvent
Static task
static1
Behavioral task
behavioral1
Sample
d0bc33c6390df217b1b89768d438613d8f58fbdcc1aa0a745c393f195f11c1df.dll
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
d0bc33c6390df217b1b89768d438613d8f58fbdcc1aa0a745c393f195f11c1df.dll
Resource
win10v2004-20240802-en
Target
d0bc33c6390df217b1b89768d438613d8f58fbdcc1aa0a745c393f195f11c1df
Size
37KB
MD5
d0b51f92a51f01299bc8536c22578742
SHA1
8302f287bb8af28e98083f5de0b403feb18cdb40
SHA256
d0bc33c6390df217b1b89768d438613d8f58fbdcc1aa0a745c393f195f11c1df
SHA512
db69c1349ab6782e532fd7923110bda6f790cb209a9e81199e87533af63fb36a5c840cd1803610851e268d2e9df3f9b573e265c82425155d25d65a18e6b965ca
SSDEEP
768:D/cYkprGfaz3+H9D5qQhOyPjvRQpr81FvXfm+:D/cYGr6iu9qQhOCjY8XfD
Checks for missing Authenticode signature.
resource |
---|
d0bc33c6390df217b1b89768d438613d8f58fbdcc1aa0a745c393f195f11c1df |
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI
WlLockEvent
WlLogoffEvent
WlLogonEvent
WlPostShellEvent
WlShutdownEvent
WlStartShellEvent
WlStartupEvent
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ