Behavioral task
behavioral1
Sample
213673168f370f51174797f28e73253f.exe
Resource
win7-20230220-en
Behavioral task
behavioral2
Sample
213673168f370f51174797f28e73253f.exe
Resource
win10v2004-20230220-en
General
-
Target
213673168f370f51174797f28e73253f.exe
-
Size
3.2MB
-
MD5
9e44ac603574d344920aaa74a6cd2bb6
-
SHA1
f623a2f3162674155fc8554e389e266fb65e62c3
-
SHA256
38914bfeed6d21a380f9a570fd30322ec8dc514e79e3e376e845683edbc53370
-
SHA512
a0ddc88417112f812c046a9675b6d4dbaa57aa85a268572f81a4292da62c123aeddff0acc72587210a0274848f4ef83239ef7e13bc161e5e8086b902a9d25782
-
SSDEEP
98304:QBX05pKHu6+u/RTqdtLp/m82V8yES7/OpsAxQX:l5pE/9pIRp92VvFz2s0
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 213673168f370f51174797f28e73253f.exe
Files
-
213673168f370f51174797f28e73253f.exe.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 20.9MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 3.2MB - Virtual size: 3.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE