Behavioral task
behavioral1
Sample
f1cfb0e69444e6434feeabadfa3a3fd8d0fc86ef6df075c05e65f3303ec37aa3.exe
Resource
win7-20221111-en
Behavioral task
behavioral2
Sample
f1cfb0e69444e6434feeabadfa3a3fd8d0fc86ef6df075c05e65f3303ec37aa3.exe
Resource
win10v2004-20220812-en
General
-
Target
f1cfb0e69444e6434feeabadfa3a3fd8d0fc86ef6df075c05e65f3303ec37aa3
-
Size
522KB
-
MD5
a88804df7c6251593f434a92c003b45a
-
SHA1
04ff9bc8ba3f1cf385264b29e95879509a5265cf
-
SHA256
f1cfb0e69444e6434feeabadfa3a3fd8d0fc86ef6df075c05e65f3303ec37aa3
-
SHA512
b8f7c858bf96e90961215552f5f75d45494408831d3e461f7eb4ac592621bdd9e7b502c4c821f5e88d1d9d595978f433973626a6c3a3827a271d220b8bc0cf74
-
SSDEEP
6144:nD5Xo4M9wSC3GorZw7MZ6hXuvCc2ZqRNE84Peo6Sfem8rxyvW0b2+wJ0oFjSdMll:+4Mywg8OC9Zq7w6SfemoxJAa2oUmJB
Malware Config
Signatures
-
resource yara_rule sample upx
Files
-
f1cfb0e69444e6434feeabadfa3a3fd8d0fc86ef6df075c05e65f3303ec37aa3.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
�PX0 Size: 56KB - Virtual size: 56KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 15KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.A.Vi.RA Size: - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.F.U.C.K Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE