Behavioral task
behavioral1
Sample
51040-1115-0x0000000000400000-0x0000000000C5C000-memory.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
51040-1115-0x0000000000400000-0x0000000000C5C000-memory.exe
Resource
win10v2004-20241007-en
General
-
Target
51040-1115-0x0000000000400000-0x0000000000C5C000-memory.dmp
-
Size
8.4MB
-
MD5
80a2e230938e5e945eea1b67fd37b01d
-
SHA1
7446f2fc25e7c2d9305f67551b276e820ce6544b
-
SHA256
7b093e4c3aff035ffca3070945a3b5b6272c4dc4daf500fc2a2e5bded094ad5b
-
SHA512
d0a47afe3145afe44dc45896daf84010ab7c0de918ccdfe291ea942a0baca65b2f262d1887b7f91d3c25c1468038fee0cd18c447dca935906f4a3423080851f7
-
SSDEEP
98304:vjilzQ+NgKuDE0fAgPslaV5wi/w02A+ZR:85huDER4Gas0YZ
Malware Config
Signatures
-
Gcleaner family
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 51040-1115-0x0000000000400000-0x0000000000C5C000-memory.dmp
Files
-
51040-1115-0x0000000000400000-0x0000000000C5C000-memory.dmp.exe windows:6 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 117KB - Virtual size: 116KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 49KB - Virtual size: 49KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 3KB - Virtual size: 7KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 480B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ