Behavioral task
behavioral1
Sample
ff2c31d7ff4d0d36fbe7920948462cba68a8f68a8972471eb20799fd4f219264.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
ff2c31d7ff4d0d36fbe7920948462cba68a8f68a8972471eb20799fd4f219264.exe
Resource
win10v2004-20230915-en
General
-
Target
ff2c31d7ff4d0d36fbe7920948462cba68a8f68a8972471eb20799fd4f219264
-
Size
6.0MB
-
MD5
f4ab1b42d214bf08b07e1678eaa91aaf
-
SHA1
dc74a1ed442abf0f2e7cc7f1b0d1ea88ed8350a0
-
SHA256
ff2c31d7ff4d0d36fbe7920948462cba68a8f68a8972471eb20799fd4f219264
-
SHA512
15fc6384631cf97b3a2d8c9e314867206b6e0e6859a49df661da663782e1ae78c812ea707ddf26930faa5f452f01f70ddebfb51b749542b7c8879ff373685ad9
-
SSDEEP
98304:SCt1JY9zA6L+d9ggTr5oCQn+ae4lPI7TCXAFRab/6/k4z/xZXIVdbs2I:Sw1J0zApqar5o+NzCXcRaT6/k4zxZYV+
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ff2c31d7ff4d0d36fbe7920948462cba68a8f68a8972471eb20799fd4f219264
Files
-
ff2c31d7ff4d0d36fbe7920948462cba68a8f68a8972471eb20799fd4f219264.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 15.3MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 5.5MB - Virtual size: 5.5MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 426KB - Virtual size: 428KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE