Behavioral task
behavioral1
Sample
94b48f4724d4dde4518a4ced4aa18d7d_JC.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
94b48f4724d4dde4518a4ced4aa18d7d_JC.exe
Resource
win10v2004-20230915-en
General
-
Target
94b48f4724d4dde4518a4ced4aa18d7d_JC.exe
-
Size
414KB
-
MD5
94b48f4724d4dde4518a4ced4aa18d7d
-
SHA1
35dbc9a4d0f1079a81ce6279272bc3d3296969b4
-
SHA256
5c17c96de134820158f1bd7b243b9ec406cb4e87eaa5df9eb169096adf54923c
-
SHA512
e0d3b17ab9111bf0964a0d84b00386f48ec8e5fd8c8c333e127c2c1402a30e4f6d4b61a5b0a12d9067b204e66725b0d810c7f413dc98f2e056739151a42e8b6c
-
SSDEEP
6144:TL+rqBloJJn3VvK6WraTQDJpZ8bS2bSSLm3hlbSYZbSxbSxOcnkP+6bfbSRBl:TLySlYJZK6WrxDDgfVYXleOOz+A4Bl
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 94b48f4724d4dde4518a4ced4aa18d7d_JC.exe unpack001/out.upx
Files
-
94b48f4724d4dde4518a4ced4aa18d7d_JC.exe.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 168KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 13KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.bss Size: - Virtual size: 145KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE