Behavioral task
behavioral1
Sample
e5c484feba165e276a4554b664dbfeae684c0be9e2fe076b55f460b7b06db0a4.exe
Resource
win7-20230621-en
Behavioral task
behavioral2
Sample
e5c484feba165e276a4554b664dbfeae684c0be9e2fe076b55f460b7b06db0a4.exe
Resource
win10v2004-20230621-en
General
-
Target
e5c484feba165e276a4554b664dbfeae684c0be9e2fe076b55f460b7b06db0a4
-
Size
3.9MB
-
MD5
34a235fdc43f957ebf88954c02b22dc0
-
SHA1
c95ce80d54a06cc4f7a9ef7c7bb8e4d1e83fd26a
-
SHA256
e5c484feba165e276a4554b664dbfeae684c0be9e2fe076b55f460b7b06db0a4
-
SHA512
b1a0260c0588e3d382c6aec974f06f4fb2158f02a0507f01126a1827ede614f5e453bc0e484015421b715b518b8409ee993a1ee7c89652e87e12764f18947b99
-
SSDEEP
98304:eUmpUtRJ0zWZP5lkYfGm9nOe4vxHuzQm0WncCyC0vha:e5pUZ88P8OGm4e44Mm0WncrC
Malware Config
Signatures
-
Processes:
resource yara_rule sample aspack_v212_v242 -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource e5c484feba165e276a4554b664dbfeae684c0be9e2fe076b55f460b7b06db0a4
Files
-
e5c484feba165e276a4554b664dbfeae684c0be9e2fe076b55f460b7b06db0a4.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 383KB - Virtual size: 756KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rdata Size: 3.5MB - Virtual size: 9.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 24KB - Virtual size: 224KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.zyjsq Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE