Behavioral task
behavioral1
Sample
14b0795f18ad96e7ac29eb5e7e2519ed0e9010f334d5198f6b4ec92ebd0e0b94.exe
Resource
win7-20231025-en
Behavioral task
behavioral2
Sample
14b0795f18ad96e7ac29eb5e7e2519ed0e9010f334d5198f6b4ec92ebd0e0b94.exe
Resource
win10v2004-20231023-en
General
-
Target
14b0795f18ad96e7ac29eb5e7e2519ed0e9010f334d5198f6b4ec92ebd0e0b94
-
Size
1.5MB
-
MD5
b054ee4f2089b22b773dba76a1621816
-
SHA1
e0a15de083bd92c0ba280d17a2393976913528a4
-
SHA256
14b0795f18ad96e7ac29eb5e7e2519ed0e9010f334d5198f6b4ec92ebd0e0b94
-
SHA512
785bdd0ff3d3e43f5e61aa57163d8da5c13a8ea4f86ba763d630d5c0009fc874e3749b26271cd77295b1ad9fb291f5afaa76358683dbbea3d29b14b986a7dd7f
-
SSDEEP
49152:6AZQ3Fq+usSlPfOwPpMRQO4eAsqWH6zRV:6Ai3kpsihPpM3fd6zRV
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 14b0795f18ad96e7ac29eb5e7e2519ed0e9010f334d5198f6b4ec92ebd0e0b94
Files
-
14b0795f18ad96e7ac29eb5e7e2519ed0e9010f334d5198f6b4ec92ebd0e0b94.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 5.3MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 268KB - Virtual size: 268KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE