Behavioral task
behavioral1
Sample
6887d464de15c16817ac29691421057287cea53814ad4cf202a638517bae43b3.exe
Resource
win7-20220812-en
General
-
Target
6887d464de15c16817ac29691421057287cea53814ad4cf202a638517bae43b3
-
Size
4.0MB
-
MD5
4a2b213211dbc65fd1877a2d7a2626da
-
SHA1
fc5a18b4fafae55619053c6f8c3210111ab9ba0e
-
SHA256
6887d464de15c16817ac29691421057287cea53814ad4cf202a638517bae43b3
-
SHA512
2a42d0352d07427588927943c37d6c715640f6e680e7de971f99b57fbe62456853965f553039961a01ded25014bf44b84b3ba122aabbfaa046eaf8a4fda30779
-
SSDEEP
98304:/ZQ+nRBCVoJaDN/DhGW6nT1EHyg9gaSngzWFQo92/k5:/ZRnRpaDN/FraiS8/aeo92U
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx
Files
-
6887d464de15c16817ac29691421057287cea53814ad4cf202a638517bae43b3.exe windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 9.7MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4.0MB - Virtual size: 4.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE