Behavioral task
behavioral1
Sample
sample.exe
Resource
win7-20230824-en
Behavioral task
behavioral2
Sample
sample.exe
Resource
win10v2004-20230703-en
General
-
Target
417542fd4be726db4e9ce3c24eb26f9b7c82cfaea1f918ced567c67a098fd2a6.bin.sample.gz
-
Size
4KB
-
MD5
144e6744c42df880af8299ebe6162164
-
SHA1
fc14f3addcee417a8269179be1c6615dec933dcb
-
SHA256
471fee4a466216315b81d031cc48a08ea49a780d536cd9a44f20741806fabbf5
-
SHA512
f1b2c2a8dce585159433e7ca908293aabe483f6c802645abd866b101e41300275957b425eb1f7760db9932370a64f1a297d89a23ab16dd22435b1e54818e80b0
-
SSDEEP
96:kd1NIwIgJHYehD/GehDqedYLnbhZS+tuHU71x/:kFYgpVhDonbhZuwr/
Malware Config
Signatures
-
resource yara_rule static1/unpack001/sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/sample
Files
-
417542fd4be726db4e9ce3c24eb26f9b7c82cfaea1f918ced567c67a098fd2a6.bin.sample.gz.gz
-
sample.exe windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 20KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 444B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE