C:\Users\You\Desktop\Hacking stuff\virusthing\obj\Debug\virusthing2.pdb
Static task
static1
Behavioral task
behavioral1
Sample
ffb7153f30e4206d3e369573d4e7fd7a3c79eab77ea2cf8f631f0dea7c3d1781N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
ffb7153f30e4206d3e369573d4e7fd7a3c79eab77ea2cf8f631f0dea7c3d1781N.exe
Resource
win10v2004-20241007-en
General
-
Target
ffb7153f30e4206d3e369573d4e7fd7a3c79eab77ea2cf8f631f0dea7c3d1781N
-
Size
409KB
-
MD5
b23232263d0ff718419df3180d3d8670
-
SHA1
194d700b79d7ffa681aaad1fd5010d788a4713ee
-
SHA256
ffb7153f30e4206d3e369573d4e7fd7a3c79eab77ea2cf8f631f0dea7c3d1781
-
SHA512
7c478b9cf4556539d8cd2a9165d11558a9957f7dc9ae25bd2380c02fa01e37061b6e5717d978eae87e7b074524b390d7f6a78d238240e3e1ffc45a259227c553
-
SSDEEP
6144:YQMmbjV28okoS4oImBvIEtTawRbvbKw4IPCFRvzvU+Yrw:YWoioS/Z6H
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource ffb7153f30e4206d3e369573d4e7fd7a3c79eab77ea2cf8f631f0dea7c3d1781N
Files
-
ffb7153f30e4206d3e369573d4e7fd7a3c79eab77ea2cf8f631f0dea7c3d1781N.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 131KB - Virtual size: 131KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ