Static task
static1
Behavioral task
behavioral1
Sample
FGD0987678000.cmd.exe
Resource
win7-20240903-en
General
-
Target
FGD0987678000.cmd.exe
-
Size
461KB
-
MD5
5c0ef516f2e1cecf656358b495e0d05f
-
SHA1
ef655931d08bd2a9839d6bcc4cab23499b8ac013
-
SHA256
234c88ce76cde3cb4510ae1532863bb3c29efa0e94889d5dd30818f084c3b958
-
SHA512
6fbac4bc8ee8b872860478b1eae3e86cd9149b8b13592349e7a9ab4118b9063b5c89987de9cd0a59ccf8f3be690521faa0abf71d97cc1ca8e8933b2e110667ab
-
SSDEEP
12288:NJOr0Yb59iAIYhQZSjNx+bZzT4yoQ8BTjIzW62JVbY:Ng7jC2nZtpbY
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource FGD0987678000.cmd.exe
Files
-
FGD0987678000.cmd.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 458KB - Virtual size: 458KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ