Static task
static1
Behavioral task
behavioral1
Sample
DOCUMENT FILE.exe
Resource
win7-en-20211208
General
-
Target
3273840f7c787605a57e054dc76e740e75e58061f309a18b481c0e41d0738f73
-
Size
303KB
-
MD5
2da74cb135cb2324bb1ffa2a6032306e
-
SHA1
c67afe84724d414c4c6a40801cf3d11e3f8f96bc
-
SHA256
3273840f7c787605a57e054dc76e740e75e58061f309a18b481c0e41d0738f73
-
SHA512
91c8f1570c418d38f0b5de2f8f72101dec5bce3da10e5c7336a4925966d2f052dbff071c3d35aa300ac8dcfec8b38956edee23b7c2cf7e63a3b1a37d2c9f516f
-
SSDEEP
6144:GbAfdpMfJNqkEsbMwx9jcdCEa6pR16To2TqUs9DerdikU0i1:GKWJNdt39Iw41h4Ts9DCdiR0i1
Malware Config
Signatures
-
Processes:
resource yara_rule static1/unpack002/DOCUMENT FILE.exe upx
Files
-
3273840f7c787605a57e054dc76e740e75e58061f309a18b481c0e41d0738f73.ace
-
out.ace.ace
-
DOCUMENT FILE.exe.exe windows x86
Code Sign
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 67.5MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 328KB - Virtual size: 332KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 30KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE