Scan Result:
f9a5a72ead096...b114a37d1a7db
Sample Information
| SHA256 | |
| Sample Name | |
| File Size |
538.0 KB 550912 Bytes |
| First Seen |
2024-11-19 01:42 UTC+0000 11 months, 2 weeks ago. |
General
| MIME Type | |
| MD5 Hash | |
| Architecture | x86 (PE32) |
| Compile Time |
2022-05-07 06:45 3 years, 5 months ago. |
| Image Base |
0x400000
|
| Entry Point |
0x6d61e
|
PEID Signatures
Microsoft_Visual_Studio_NETMicrosoft_Visual_C_v70_Basic_NET_additionalMicrosoft_Visual_C_Basic_NETMicrosoft_Visual_Studio_NET_additionalMicrosoft_Visual_C_v70_Basic_NETNET_executable_NET_executable
File Meta Data
| File Description | |
| File Version | |
| Internal Name | |
| Legal Copyright | |
| Original Filename | |
| Product Name | |
| Product Version |
Matching Rules
| Rule Name | Rule Type |
|---|---|
| YARA_SHADOW_COPY_DELETION | YARA |
| Detect_Interrupts | YARA |
| YARA_Detect_RDTSC | YARA |
| YARA_XOR_Hunt | YARA |
Matching Techniques
| Technique Name | Technique ID's | Snippet(s) | Rules(s) | OS |
|---|---|---|---|---|
| Volume Shadow Copy Service (VSC,VSS) Deletion | U0305 T1070.004 | |||
| INT3 Instruction Scanning | U0105 B0001.025 | |||
| INT 0x2D | U0129 B0001.006 | |||
| ICE 0xF1 | U0130 | |||
| RDTSC | U0126 | |||
| XOR Operation | U0701 E1027.m02 |