Behavioral task
behavioral1
Sample
b9516cc516f720bc593bba359678144a6850f8dd003011cca30e026665a4474b.exe
Resource
win7-20230712-en
General
-
Target
b9516cc516f720bc593bba359678144a6850f8dd003011cca30e026665a4474b
-
Size
539KB
-
MD5
9ec8fd10620502a1f2a2772edf2c3749
-
SHA1
c0b23737b0b8f5805eff03f44587352d56ef9f65
-
SHA256
b9516cc516f720bc593bba359678144a6850f8dd003011cca30e026665a4474b
-
SHA512
cd95882bf723aeda460fd7c53207a70d972fac7e2084707a81c96ed1d6c36ac6e88d3471e327a7f195fd04f08668f9fdb99c9ccab33c58786f7f8a20c16f8c35
-
SSDEEP
12288:KhymnwJFPNdgBAEHApqePJN1AmLM7uVq9sSJx5:KUmwrl2Ao7sJNlM7ymsSJ7
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource b9516cc516f720bc593bba359678144a6850f8dd003011cca30e026665a4474b unpack001/out.upx
Files
-
b9516cc516f720bc593bba359678144a6850f8dd003011cca30e026665a4474b.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 760KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 529KB - Virtual size: 532KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.data Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ