Behavioral task
behavioral1
Sample
4432.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
4432.exe
Resource
win10v2004-20220812-en
General
-
Target
a49ffedc2cfebc7775a6ac50430f8bbc6ad8b5a13f626655ccea1379aaa56257
-
Size
495KB
-
MD5
61423deafbd5d07879760ed7990454d3
-
SHA1
931f04f9beb5163b76df32a71ba7b57f27bbec52
-
SHA256
a49ffedc2cfebc7775a6ac50430f8bbc6ad8b5a13f626655ccea1379aaa56257
-
SHA512
5b550aea936cea2462364111e50fd1f883299371c26da7d0cbaa8d90b9eda32c9b21cef1e8db7b016fa25e56baf130335002625f370559ee9e93999249a817bc
-
SSDEEP
12288:ehjxAKOlBENtNTLdVvkvUyd0x5U+FKBwF3f2Iun0:+il2t5M8yd0jpFKex2Iun0
Malware Config
Signatures
-
resource yara_rule static1/unpack001/4432.exe upx
Files
-
a49ffedc2cfebc7775a6ac50430f8bbc6ad8b5a13f626655ccea1379aaa56257.cab
-
4432.exe.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 120KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 510KB - Virtual size: 512KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe .vbs windows x86