Behavioral task: behavioral1
Sample: ee3a18ad44e3d4701f0911fef80adbc78024f8ee478f70df3361332d50b40d72.exe
Resource: win7-20240419-en
Behavioral task: behavioral2
Sample: ee3a18ad44e3d4701f0911fef80adbc78024f8ee478f70df3361332d50b40d72.exe
Resource: win10v2004-20240426-en
General
Target: ee3a18ad44e3d4701f0911fef80adbc78024f8ee478f70df3361332d50b40d72
Size: 520KB
MD5: 183ac95593844a7b58c4b01a52f32f97
SHA1: c75411a599aaa0cd6b71349d59c0381f27c5d47f
SHA256: ee3a18ad44e3d4701f0911fef80adbc78024f8ee478f70df3361332d50b40d72
SHA512: a85b32d9b457ad8ddc05015ae894d657e330ef6a94f47fffb91cd74257c052896e2c14045f47500047a73d477266a60939610dfc45f87a1eb9072eaa1d950897
SSDEEP: 12288:KaTSbL2PPqAbJSFB4L84CRK83KspOQqyXzrSWbwiwkDs1i/IU+oLoSFcigx1/hPP:zeO3bJScN83KsBqKP3k2s1i/vcx7
Malware Config
Signatures
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource ee3a18ad44e3d4701f0911fef80adbc78024f8ee478f70df3361332d50b40d72
Files
ee3a18ad44e3d4701f0911fef80adbc78024f8ee478f70df3361332d50b40d72.exe windows:6 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 764KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 491KB - Virtual size: 492KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE