C:\Users\Administrator\Desktop\2023CryptsDone\DBasse\obj\Debug\Lenaon.pdb
Static task: static1
Behavioral task: behavioral1
Sample: 0738981879dde83f3a14602cfa2842e934a11c5339b460a8dd4c57c778221ddd.exe
Resource: win7-20240611-en
Behavioral task: behavioral2
Sample: 0738981879dde83f3a14602cfa2842e934a11c5339b460a8dd4c57c778221ddd.exe
Resource: win10v2004-20240508-en
General
Target: 50cf2b84679ea401530b7e30d16f166b.bin
Size: 16KB
MD5: d6c9791d41b247051b5315513bd1f784
SHA1: e459dbaa31f45d1915e1767616f544cae346678a
SHA256: 72a61910d0ce3c1796c072b1b7a14574918d3b1e5d5b23727ca8d55473ac3d57
SHA512: 1bf65e7b97b091d877ef777054c8d87ab4addfe8fdce2f57f7e0f93780da62f7b429cd386bc50178f8c55f4ca5ebdd69e16bdec0279f26c2070140f2e9058115
SSDEEP: 192:bjB+wz1BfO6+br0HYWNYs4C2hzPY2SW8mVYl/I86wgMzVgidTp01d3IfTe3j+ZtQ:B3xBG9i1rqzgSap6gvFpmGfTeSW0i
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
Processes:
resource unpack001/0738981879dde83f3a14602cfa2842e934a11c5339b460a8dd4c57c778221ddd.exe
Files
50cf2b84679ea401530b7e30d16f166b.bin.zip
Password: infected
0738981879dde83f3a14602cfa2842e934a11c5339b460a8dd4c57c778221ddd.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 69KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ