Behavioral task
behavioral1
Sample
c5513671884fc3e02c5812b2a0b1645b8b664c9fb97ca332bedd18c051e591e0.exe
Resource
win7-20230220-en
General
Target: c5513671884fc3e02c5812b2a0b1645b8b664c9fb97ca332bedd18c051e591e0
Size: 1.3MB
MD5: cef823eb157b4fa0e8524ed48307f345
SHA1: 60d5405cbde42850c6d6f9fc5b7fe1773a720f28
SHA256: c5513671884fc3e02c5812b2a0b1645b8b664c9fb97ca332bedd18c051e591e0
SHA512: 7b7afd582955f000d62b63f4159d68b7f9d45b8c685e3ad0992ae1eef638cc6e15636adf0dc9fbc6373fd3c58f44f46bf74dfb37a7bb9ec3eae6c74a21b53abc
SSDEEP: 24576:Dqmi8tpifdQ8ABVABskA1rz4B8VzWhRTOdlmuC/uZ7R9Ti1wGJRQvZ:umi8bifd+VABnYra3nTOhlxUwGs
Malware Config
Signatures
-
Processes:
resource: sample
yara_rule: upx
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
Processes:
resource: c5513671884fc3e02c5812b2a0b1645b8b664c9fb97ca332bedd18c051e591e0
resource: unpack001/out.upx
Files
-
c5513671884fc3e02c5812b2a0b1645b8b664c9fb97ca332bedd18c051e591e0.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 1.8MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 19KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 644KB - Virtual size: 641KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 2.1MB - Virtual size: 2.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 88KB - Virtual size: 313KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 36KB - Virtual size: 35KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ