_MyFunc1@4
Static task
static1
General
-
Target
acd123090b9da814081c84b6dd84dfa6c479b71c.rl.zip
-
Size
423KB
-
MD5
2350ee6028368620e61dba938ab3c1fa
-
SHA1
a9c3853232be11c34353257a066772e53d99db8d
-
SHA256
60cf7367fcf9e2552194bf649bef358ae65a3576df581f49775438b9c8ebe7e2
-
SHA512
1d9a6f0590c4da435018bc2dbcf9aca0dda58f084789bc8ed5e5aa590b8d615b121981d0d14570f26c903cede770d77f2f04b8fd811ae748744c5efd60ec4cfc
-
SSDEEP
12288:CKGUeP2HpjVkdy8QgrS5ZZT4ifTy4gqVn2bK:jekVks9XT40Ty4nVn2bK
Malware Config
Signatures
-
Processes:
resource yara_rule static1/unpack001/acd123090b9da814081c84b6dd84dfa6c479b71c.rl upx
Files
-
acd123090b9da814081c84b6dd84dfa6c479b71c.rl.zip.zip .ps1
Password: infected
-
acd123090b9da814081c84b6dd84dfa6c479b71c.rl.exe windows x86
Code Sign
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Exports
Exports
Sections
UPX0 Size: 136KB - Virtual size: 136KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 505KB - Virtual size: 508KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE