kabK.pdb
Static task
static1
Behavioral task
behavioral1
Sample
20f9d4cf5cd85fa7cf0d58b55409f75f9af0b952d3b573bffdd21966d9a3f396.exe
Resource
win7-20240903-en
General
-
Target
20f9d4cf5cd85fa7cf0d58b55409f75f9af0b952d3b573bffdd21966d9a3f396
-
Size
874KB
-
MD5
ea88221032446b622d7eff19a69ed29e
-
SHA1
6c7eadbcf9fc41ee45f7cb563ff0ff88af994e19
-
SHA256
20f9d4cf5cd85fa7cf0d58b55409f75f9af0b952d3b573bffdd21966d9a3f396
-
SHA512
8d45c9fc409a36797a286a9421129915340229ed2ac0f1debc8e771627585eaf05b771d95577868f37829847e2857edd8cb4f2fb97a02a33897866b6683dd4f9
-
SSDEEP
12288:hTv8mVjThzhX7YmLTDHR8fAM9Bh/sSKVXEcZGdpm25TVqo9aTcfa6I81UX:BvdPZhX7bE9BnEjZGdpm2dVrIsad81c
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 20f9d4cf5cd85fa7cf0d58b55409f75f9af0b952d3b573bffdd21966d9a3f396
Files
-
20f9d4cf5cd85fa7cf0d58b55409f75f9af0b952d3b573bffdd21966d9a3f396.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 871KB - Virtual size: 870KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 2KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ