Behavioral task: behavioral1
Sample: 04778872ebfe19afd240d9242b58e7b6236c199d7edf3c21c974e40998ae0f1c.exe
Resource: win7-20221111-en

Behavioral task: behavioral2
Sample: 04778872ebfe19afd240d9242b58e7b6236c199d7edf3c21c974e40998ae0f1c.exe
Resource: win10v2004-20221111-en
General
Target: 04778872ebfe19afd240d9242b58e7b6236c199d7edf3c21c974e40998ae0f1c
Size: 116KB
MD5: ef17d21ad9cdab3c972b9e925b1ceb33
SHA1: 46358cea22fefaa33bd27a004b2e7903cbbf6190
SHA256: 04778872ebfe19afd240d9242b58e7b6236c199d7edf3c21c974e40998ae0f1c
SHA512: 33d3eecf88f984c5689ee1c33bb412089c81c4a52df81ad6d8038bd0533f370354bf55b0dc89eb8c8fdd0916a070d97612c2eb75901ecf7f44fb21f4bbb7f83c
SSDEEP: 3072:CKjMubeiPfNEtjiJCxGGd/6Gh2CQeBnXvQfoyEaG:CKjbeZhJGGxh2nGXvQAxaG
Malware Config
Signatures
Processes:
resource yara_rule sample upx
Files
04778872ebfe19afd240d9242b58e7b6236c199d7edf3c21c974e40998ae0f1c.exe windows x86
c92746cd3b69c56e5c4ed6d3f9854fa1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Imports
kernel32
VirtualFree
VirtualAlloc
FreeLibrary
VirtualProtect
GetLastError
CreateMutexA
ExitProcess
GetProcAddress
LoadLibraryExA
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA
user32
MessageBoxA
wsprintfA
Sections
UPX0 Size: - Virtual size: 316KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 106KB - Virtual size: 106KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ex_cod Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE