Behavioral task
behavioral1
Sample
3c4ae55e479c695d5aa5dc9ee43d94828d15c5704fafa94fb8123ef7a25485c8.exe
Resource
win7-20220812-en
General
-
Target
3c4ae55e479c695d5aa5dc9ee43d94828d15c5704fafa94fb8123ef7a25485c8
-
Size
4.0MB
-
MD5
153512c6b4ff21d7292831b08dbf6bab
-
SHA1
724501816dd397a985cca95edd912d73122e6887
-
SHA256
3c4ae55e479c695d5aa5dc9ee43d94828d15c5704fafa94fb8123ef7a25485c8
-
SHA512
8d246a8e66ba6ea1dc900e48a9247f4f6baa23f52821c54d926552ea0c47e566e518798d51d5260e2078ef55650d83761e4b3c74d105f9cfeed4d16b495d6a0c
-
SSDEEP
98304:vEUWrIfLfc71k1IbBZVnQrDK+zRvL/YvhQgpR2P6IMsS:vEUWrafciybBZVm1NL/yLs6Ia
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx
Files
-
3c4ae55e479c695d5aa5dc9ee43d94828d15c5704fafa94fb8123ef7a25485c8.exe windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 9.8MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4.0MB - Virtual size: 4.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE