Static task: static1
Behavioral task: behavioral1
Sample: sales payment.scr
Resource: win7-en-20211208
General
Target: 0119816beb0867ee59fb60a33670e657cd6bdf23f664eb782ebf6c8352b8e203
Size: 680KB
MD5: 82d5c72a08aa4f34539f445f1ddbfe24
SHA1: 7fc99364d01393449e2e8add5a62ddb28336195f
SHA256: 0119816beb0867ee59fb60a33670e657cd6bdf23f664eb782ebf6c8352b8e203
SHA512: 2cb849476e5372691b102008ef5ce52f422f6822259bf56c4caa0710a55facd416e4a90eefaaba970e2b0b83c5ef577ac5c45d5b0c131b1670e5935ca7f833f5
SSDEEP: 12288:m7WoEtBZpHwgxS7wMZ3htcOj44F3xeCD4ntTw37T+541u/soH7nUX9AzYR:m7W3tBZ7xS7ZbT/lxUKP+Mu/VUtAzk
Malware Config
Signatures
Processes:
resource: static1/unpack001/sales payment.scr
yara_rule: upx
Files
0119816beb0867ee59fb60a33670e657cd6bdf23f664eb782ebf6c8352b8e203.rar
sales payment.scr.exe windows x86
Code Sign
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 876KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 341KB - Virtual size: 344KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 369KB - Virtual size: 372KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE