Behavioral task
behavioral1
Sample
8bd2dd46a89b528173ab43e9b1ce7263754e252ef804380bbcc4b2f21784d2da.exe
Resource
win7-20230712-en
Behavioral task
behavioral2
Sample
8bd2dd46a89b528173ab43e9b1ce7263754e252ef804380bbcc4b2f21784d2da.exe
Resource
win10v2004-20230703-en
General
Target: 9b6ac215a295b229d2e4e3565ee7908e395df4922b316521eba74f4d767d2851
Size: 5.9MB
MD5: b75a251345cff3a4dd91bb9e7ed8d528
SHA1: 002887861bdeb1f2393c7c2b11f4bbcb4d22bdd5
SHA256: 9b6ac215a295b229d2e4e3565ee7908e395df4922b316521eba74f4d767d2851
SHA512: e7fa6c9d12aa4d4988448123dd8a3eaa8194bccea21669fc97faea4dbf027dc16f9d7a0dd00afde5c21290ff25ceaa4132c2ecf8c4e3eda742a2505e83632f84
SSDEEP: 98304:M/cInqoAMef4ygR8WVt940xTKs+4ClkFOib2vWksMBKsb6cocQ3y+tHzoB1:uPnqvf49+/PNJiCvWkDKs0i+tHo
Malware Config
Signatures
resource yara_rule static1/unpack001/8bd2dd46a89b528173ab43e9b1ce7263754e252ef804380bbcc4b2f21784d2da upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/8bd2dd46a89b528173ab43e9b1ce7263754e252ef804380bbcc4b2f21784d2da
Files
9b6ac215a295b229d2e4e3565ee7908e395df4922b316521eba74f4d767d2851.zip
8bd2dd46a89b528173ab43e9b1ce7263754e252ef804380bbcc4b2f21784d2da.exe windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 19.6MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 5.9MB - Virtual size: 5.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE