Behavioral task
behavioral1
Sample
b00873e05729f1a9924e57e66594cfda4af9869824ee3a5069aad9de0fc37411.exe
Resource
win7-20221111-en
General
-
Target
b00873e05729f1a9924e57e66594cfda4af9869824ee3a5069aad9de0fc37411
-
Size
411KB
-
MD5
8ad534532990d0621cf1786d380ae9dd
-
SHA1
9c1ccd4ff0874f2912dadebd318bf44886d9f1f4
-
SHA256
b00873e05729f1a9924e57e66594cfda4af9869824ee3a5069aad9de0fc37411
-
SHA512
3a36a93740e2cd8805372522bfe7149802f0891977e2a0dbb2b50362966fa586e4854807bdabcdc9fdd34a40908d607343cfda1a2c27174b8aeaea4ee296c7dc
-
SSDEEP
12288:mlghoSqHNJ/Jj0l5e7kurPQHr5wv1hlajScDlu:sg2HNb0lM7z0Wv6Dlu
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx
Files
-
b00873e05729f1a9924e57e66594cfda4af9869824ee3a5069aad9de0fc37411.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 80KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 52KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE