Behavioral task
behavioral1
Sample
2fd415e5f87962cf5a7f744e2dcbe54154e67702087353e6fd4f4ed06c63b545.exe
Resource
win10v2004-20220901-en
General
-
Target
8497920316.zip
-
Size
1.7MB
-
MD5
5bde7b68e03b5dbc41cb611940e8798a
-
SHA1
b2fc5bef08d7cec7cbf160b4e7403bf0d59bcaeb
-
SHA256
6af64d57c2a5dfd7ccc96cd5c874b775f94ae870225410efbd70ba75b59b8fb5
-
SHA512
7aa6e804188b29185c404626330ad54c3e34586d9b7ee3847eb20d95156b87bbb25c032383233ffa5137e08ba3e5fb788a13ddc7109453d6a0df696c75d0e686
-
SSDEEP
49152:l3JGHALEn3ZqD/ReZQyvjrIi/z4s9WWRi57n:pJs/noD/RILrpNipn
Malware Config
Signatures
-
Processes:
resource yara_rule static1/unpack001/2fd415e5f87962cf5a7f744e2dcbe54154e67702087353e6fd4f4ed06c63b545 upx
Files
-
8497920316.zip.zip
Password: infected
-
2fd415e5f87962cf5a7f744e2dcbe54154e67702087353e6fd4f4ed06c63b545.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 524KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 278KB - Virtual size: 280KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE