Behavioral task
behavioral1
Sample
1bdb5031c8e1205e51584af4f3328058.exe
Resource
win7-20230831-en
Behavioral task
behavioral2
Sample
1bdb5031c8e1205e51584af4f3328058.exe
Resource
win10v2004-20230915-en
General
-
Target
1bdb5031c8e1205e51584af4f3328058.bin
-
Size
77.9MB
-
MD5
1bdb5031c8e1205e51584af4f3328058
-
SHA1
c59e1e9399695115ea84d1f66fbcfce0e8dd583d
-
SHA256
7eb0590065da452451256672bd47329e64f9bb45c5d6c912e76af467c4e66b7e
-
SHA512
4f413df7f994348d86cf23b6bbcc58850315b05d28b4521c91c3d87c966ba1b2c52b3d2f41be273a79c985fa306d7c0ecab6767e9059fdfe8b45b48439ca0545
-
SSDEEP
1572864:EuQ7ZS1ril7h9rW1LrKiqm2T17nD0Cw2ak1QOIQFzfIAcI0iy:MZSBM7h9QLfqmY1DiJkIWzfIAcHiy
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1bdb5031c8e1205e51584af4f3328058.bin
Files
-
1bdb5031c8e1205e51584af4f3328058.bin.exe windows:5 windows x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
UPX0 Size: - Virtual size: 220KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 124KB - Virtual size: 124KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
main.pyc