Behavioral task
behavioral1
Sample
37c78bff561491a320de992ff41277fd830e100c5ae3e7e83427f854b13c6355.exe
Resource
win7-20220812-en
General
-
Target
37c78bff561491a320de992ff41277fd830e100c5ae3e7e83427f854b13c6355
-
Size
4.0MB
-
MD5
2701033d21e002170ba74701bc43e318
-
SHA1
61b2e6a1e5cbe0ef2f7e29234af2e703e0698aeb
-
SHA256
37c78bff561491a320de992ff41277fd830e100c5ae3e7e83427f854b13c6355
-
SHA512
fcf656986080282380a4fa6b8f5931bbb594b7ad18574d2a96224f5fd94318bd7cf5a07b4acfadbd8c2400a4b817b47a390f90f2eb905d946f486b426eb1fcb4
-
SSDEEP
98304:qzFhhI+mgePySZ2oVAtIoz7T9St0d51nOwX13NMTV3kNiy1m:qZhhZ1eq4Atwt0dGwX138VkNiu
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx
Files
-
37c78bff561491a320de992ff41277fd830e100c5ae3e7e83427f854b13c6355.exe windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 9.8MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4.0MB - Virtual size: 4.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE