General
Target
WinterOSVisualizacionLTSC21H2.exe
Size
449KB
MD5
2079ef25b5158ce3ec8885558779eff7
SHA1
64331727c197ba55935fb0d26b9242a1e86a9470
SHA256
25647c99674d76e8278f916f4b872ec064eeadab50b2a14290e5a5816d8e054c
SHA512
1331fc4d59ec11f3d67650e79f36b718ed7a031283a38a803aa4fe081bf6f5e0fe3535909fb74d29812f11f9f6d056aa358f6645c35790191e7573cc79b218a6
SSDEEP
6144:swUdXtPW7OT+D0Xwoa3SzjzGyAoojMN04pLk8Fsm93Fnmw7oSbDr2:TyXtPWRD0XLUjbeLkSRFnr7oSa
Malware Config
Signatures
resource yara_rule sample upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource WinterOSVisualizacionLTSC21H2.exe
Files
WinterOSVisualizacionLTSC21H2.exe.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 128KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 380KB - Virtual size: 384KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE