C:\Users\adren\source\repos\Ransomware\Ransomware\obj\Debug\Ransomware.pdb
Static task
static1
Behavioral task
behavioral1
Sample
program.exe
Resource
win11-20240802-en
General
-
Target
program.exe
-
Size
14KB
-
MD5
ac6b86ca10ddd4858907c03f16171bf9
-
SHA1
53dc68ae7f11add7b484ad673de7a8f7ceb68fb7
-
SHA256
212e3d4c4cc8bba52fe59db28a3d382322728ec276138cf5cafed085612c956c
-
SHA512
e386d91b681dd6e00177b54a737497ee0fa63a3fc4b336f1435aee3e4d3e230952a268aa29d988779023d5e01cfdfc58ac8b6f1e70b7e0aff3bc7ef7915d5e7a
-
SSDEEP
384:bBR6QY+1C9e/VF5tpsxHLVwruokwJwADaTDniLe2QWTyAwM+:PULLGe2QOwp
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource program.exe
Files
-
program.exe.exe windows:4 windows x86 arch:x86
Password: 123
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 11KB - Virtual size: 11KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ