Static task: static1
Behavioral task: behavioral1
  Sample: Tweaks.exe
  Resource: win7-20241023-en
Behavioral task: behavioral2
  Sample: Tweaks.exe
  Resource: win10v2004-20241007-en
General
Target: Tweaks.exe
Size: 1.4MB
MD5: e12573c2603b2e3d18faac68f42c36ec
SHA1: 77e7dadde05bef60480866cf389a086141e2c22a
SHA256: 40409fa2936a49876d650e74644bb18366cbbfb3d28a97aad6f833b02394ab2a
SHA512: 9bbed974100cabf0b0dc497a98201dbcd5d41c03024356c28f28425408a3bf02bf97c71a74272ca4b40cc2dd5446906cb52d1899216ecdd7221f414754851039
SSDEEP: 24576:qGxbVqOuF8HcZb6eKdQvpqyLsUoeHfL9Om5aIImgD9cQqQ2Yg86pJfySuN2L/FJD:9VqOQs86ldQvjsoFTMcjYg8kfyxN23hX
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource Tweaks.exe
Files
Tweaks.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 1.4MB - Virtual size: 1.4MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
PEHEGICv Size: 512B - Virtual size: 22B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.???? Size: 512B - Virtual size: 276B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ