Behavioral task: behavioral1
Sample: JHGSD37623.exe
Resource: win7-20220812-en

Behavioral task: behavioral2
Sample: JHGSD37623.exe
Resource: win10v2004-20220901-en

General
Target: JHGSD37623.exe
Size: 537KB
MD5: 43f232536b413ebf169141944069ae77
SHA1: 0efc90691d45072ddd595cc4c2258e2f4bea42de
SHA256: a227c96af593108664720742c60c200d370094fb1c2acf8ff5516611917f2c64
SHA512: 3adb48ae6dcdfbea2ac3bea9439e1d5d44884a3a5d5f3ac31ff9ad7a437f8a877a4ca8a1eda9213d4bced7e5c1181a0197aa957d422620a83fbbc745b0f470f6
SSDEEP: 12288:g4lThwQGIQilGzWTifG1g6eUtEsx1P5W1Zrr004mTbtoMA:RlTOFq7TifGG66sv5W1Zrndbt
Malware Config
Signatures
Processes:
resource yara_rule sample upx
Files
JHGSD37623.exe.exe windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
UPX0 Size: - Virtual size: 876KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 535KB - Virtual size: 536KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE