BotClient.pdb
Static task
static1
Behavioral task
behavioral1
Sample
c35431b8db327238a32ce86f4f65b57571a57ce552d79e05cd49b53d4dc66f97N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
c35431b8db327238a32ce86f4f65b57571a57ce552d79e05cd49b53d4dc66f97N.exe
Resource
win10v2004-20240802-en
General
-
Target
c35431b8db327238a32ce86f4f65b57571a57ce552d79e05cd49b53d4dc66f97N
-
Size
3.1MB
-
MD5
712d466cf9f8e982f18eb3355131e5c0
-
SHA1
7d713406a470e2d34ec2b44a353fc6f0a700ebf3
-
SHA256
c35431b8db327238a32ce86f4f65b57571a57ce552d79e05cd49b53d4dc66f97
-
SHA512
5edb0967f46cd466347442f900e90c800e2304cd7c595b1802669dd2056483e9b6575b8aae80ba2d797531176bd0e68c381c574ec2f24b2f5a0f6651e5b9b35a
-
SSDEEP
49152:APM6dZE0wn04Qc0whf7/Dm9Jx8SaF3iErioTta+iR3Q9Y2dBoZMrluR:ADwnd57/DjtFyErnJa+iRQZdWMh0
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c35431b8db327238a32ce86f4f65b57571a57ce552d79e05cd49b53d4dc66f97N
Files
-
c35431b8db327238a32ce86f4f65b57571a57ce552d79e05cd49b53d4dc66f97N.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 2.9MB - Virtual size: 2.9MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.sdata Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 141KB - Virtual size: 141KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ