Static task
static1
Behavioral task
behavioral1
Sample
earlyBuild.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
earlyBuild.exe
Resource
win10v2004-20241007-en
General
-
Target
earlyBuild.exe
-
Size
6.1MB
-
MD5
c78621d331c1b49744b469ba7dd7f414
-
SHA1
83eb55f7728c7f9d7cd83d398ab1ced176b082b6
-
SHA256
912e2b3852a85d651a08efe238290f759bbadebbc79772b989aaa57b5857e4ee
-
SHA512
cd195b0338659e8d295f9ed2eb8d3002487c3c1320935197dfbcc195e2af8940aec8933251f2e4df3a91ebeeba2fa8074f51b606ccb040200476e6ac467ee0d0
-
SSDEEP
196608:bSkSIlLTUcwti7TQl2NgVg01MWAXAkuujCPX9YG9he5GnQCAJKN:OkSopwtQQl2aOtXADu8X9Y95GQLJ
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource earlyBuild.exe
Files
-
earlyBuild.exe.exe windows:4 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
.text Size: 6.1MB - Virtual size: 6.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ