Behavioral task
behavioral1
Sample
4f6e83875bb61b2d794fa100b43e87bf06c012799409d892becb09def3b4d6e6.exe
Resource
win7-20220812-en
General
-
Target
4f6e83875bb61b2d794fa100b43e87bf06c012799409d892becb09def3b4d6e6
-
Size
4.0MB
-
MD5
70de0cf44ccd52c8faba4aef6c1e8b59
-
SHA1
66257f1712e6c9ebd70a0f89cb4675fab4cc5c57
-
SHA256
4f6e83875bb61b2d794fa100b43e87bf06c012799409d892becb09def3b4d6e6
-
SHA512
bf4f0a4c23785e4b5d5f1b93a725006ea1bb4b2e6ec9f0f61d971cb093ce05dc26d045ebec866fd2c1ab8b791ec2320dd2924a4c627bdd79a56c3d9a08695d9c
-
SSDEEP
98304:IX1MQCOeMz+YnQ/F+d65dEWAHU51T+4YM2qXelXDiuAm7mx:8ewSYQeWAHU59+4YM2qAX2uAm7mx
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx
Files
-
4f6e83875bb61b2d794fa100b43e87bf06c012799409d892becb09def3b4d6e6.exe windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 9.8MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4.0MB - Virtual size: 4.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE