General
Target: Activator.exe
Size: 138KB
MD5: 1fa1a7496f4010bdcda974d0df6c8fbf
SHA1: 40db1b6ea30cfa88a465574e74b8c3ff198d4de5
SHA256: 5dfcdac971608bb3046241bdffc51d41db7a0412b83f5abfd729e80abcf70ce8
SHA512: 45c3ed85528cfd697a5bf63f20ee6531c50979dd6f6b8a7560e0c9c0360c7e7b1e6c77eb1ad31a07417e09f99f9ef9962f20888a15e820897c62bc007d54727d
SSDEEP: 3072:tTxMbEowk61urjzjSZfr5c+qNWhsdLJI8nhhapIkUuAhHm4d6glYDWI2hFMout:tdMYoO0jwZPaRhYjgHJd6WYCh7MoS
Malware Config
Signatures
resource yara_rule sample upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource Activator.exe
Files
Activator.exe.exe windows x86
Headers
File Characteristics
  IMAGE_FILE_RELOCS_STRIPPED
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LINE_NUMS_STRIPPED
  IMAGE_FILE_LOCAL_SYMS_STRIPPED
  IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 192KB
  IMAGE_SCN_CNT_UNINITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
UPX1 Size: 135KB - Virtual size: 136KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE