Behavioral task
behavioral1
Sample
d419bf6343de9408c0c707f50ab1cb4c66825fa8448a6aaef35202043bbebb45.exe
Resource
win7-20220812-en
Behavioral task
behavioral2
Sample
d419bf6343de9408c0c707f50ab1cb4c66825fa8448a6aaef35202043bbebb45.exe
Resource
win10v2004-20221111-en
General
-
Target
d419bf6343de9408c0c707f50ab1cb4c66825fa8448a6aaef35202043bbebb45
-
Size
329KB
-
MD5
212099eab70a0848955ae0b4a0ec81f0
-
SHA1
b85460f23d763ab4af4e2397bf39ebe0639a585d
-
SHA256
d419bf6343de9408c0c707f50ab1cb4c66825fa8448a6aaef35202043bbebb45
-
SHA512
12a702075666a4ee316ccd987506787e85902d548c6939bfae729ee3dc7d4e4f5a96f301ea0d3562619cd1de21828605066f4cd22b55e245381ecff308637568
-
SSDEEP
3072:FrSFhxp7xHSc7qzPKb/0at9ayXAVJlz0rpl:uhxFxy8qeb/9zaw+zyp
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx
Files
-
d419bf6343de9408c0c707f50ab1cb4c66825fa8448a6aaef35202043bbebb45.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 228KB - Virtual size: 228KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 72KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 28KB - Virtual size: 56KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE