Static task
static1
Behavioral task
behavioral1
Sample
050f45028831717259d3270306c7cfae152289af950abcf7b83548ea3e8b4c38.exe
Resource
win7-20240221-en
General
-
Target
050f45028831717259d3270306c7cfae152289af950abcf7b83548ea3e8b4c38
-
Size
232KB
-
MD5
50fc3d172fd66f7aaab43f8fe1f20d71
-
SHA1
bd393ab0e814c7440a58dac646dfa1384a129ac6
-
SHA256
050f45028831717259d3270306c7cfae152289af950abcf7b83548ea3e8b4c38
-
SHA512
d22210087e5017349c77f0e0921a9c2cb1ed6d50f5c85b991ee9797ea91a7a179bae0127fa7e8f2b8dd5b4252d41a971e63ef028444041d4e3718a7f3fc1b662
-
SSDEEP
3072:ymb3NkkiQ3mdBjFo7LAIRUohTF/SjSrbzLAuBjfwFOmoFzMvUpGqC5n+4:n3C9BRo/AIuuFSjA8uBjwI7FjpjC5+4
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule sample UPX -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 050f45028831717259d3270306c7cfae152289af950abcf7b83548ea3e8b4c38
Files
-
050f45028831717259d3270306c7cfae152289af950abcf7b83548ea3e8b4c38.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
Size: 47KB - Virtual size: 156KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
petite Size: 274B - Virtual size: 274B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ