kJRf.pdb
Static task
static1
Behavioral task
behavioral1
Sample
d2b5d02ad0207f69484b73eae658c2c08b747b4b3125e8856c5f0df261217f1e.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
d2b5d02ad0207f69484b73eae658c2c08b747b4b3125e8856c5f0df261217f1e.exe
Resource
win10v2004-20240611-en
General
-
Target
bf419752c9d2cdb915bba91c641ad2b3.bin
-
Size
631KB
-
MD5
e73553a8fa2c34b2a892055cef2300fc
-
SHA1
f816d1e23db7604530e1c8e39d96b2d59781cdfa
-
SHA256
d049dfeaec38a5a20154876085d3773b38278fd8176945d3f2bce9fc82aa2b0d
-
SHA512
11dc9675c3d23c90b31b50ed70f724e543700ac27eeaa32a5ed6de11da26a55f2325c373d7309102643b76b76ed9eb2b800c5eae542eb57c378ee79201793bf8
-
SSDEEP
12288:dpE912x5fuqimLWnVnir7nuFUqbaKQrlLSvcIiJULE8WW1h90NE2tRF:DE91mfuKLaVirb6UiaBrkrpES1hhIz
Malware Config
Signatures
-
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource unpack001/d2b5d02ad0207f69484b73eae658c2c08b747b4b3125e8856c5f0df261217f1e.exe
Files
-
bf419752c9d2cdb915bba91c641ad2b3.bin.zip
Password: infected
-
d2b5d02ad0207f69484b73eae658c2c08b747b4b3125e8856c5f0df261217f1e.exe.exe windows:4 windows x86 arch:x86
Password: infected
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
mscoree
_CorExeMain
Sections
.text Size: 682KB - Virtual size: 682KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 1KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ