Behavioral task
behavioral1
Sample
056e8d271f6dc52b0072afd0481b70550d2249070ec95e1fa6c42aad50ef3a33.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
056e8d271f6dc52b0072afd0481b70550d2249070ec95e1fa6c42aad50ef3a33.exe
Resource
win10v2004-20231023-en
General
-
Target
056e8d271f6dc52b0072afd0481b70550d2249070ec95e1fa6c42aad50ef3a33.exe.zip
-
Size
38.2MB
-
MD5
0e3146201f6738ff070eb9ab29334ecd
-
SHA1
53068f2e49493a15ba40607091a59670c722e975
-
SHA256
952e1aa5a81e6db96150226f11dde25d2c960ab07cc4e7b422257f607c8f6040
-
SHA512
e33c0453d5d8f83c40e93e3822f6906524e562631cae25825ca6608deb64a5c58db67dea30bd0795d8a7c67e2fdaf95c0fc2cfe600b3dda26a446bbf8dfb6b11
-
SSDEEP
786432:TaSF5INqqoPShiIG2er8u+pbg4ChUf30niyBaQd4iuKB+aXCJrs3aEO6U/0HE:Tao8Vh1MhHhgIAZu5X+Ma0U/J
Malware Config
Signatures
-
resource yara_rule static1/unpack001/056e8d271f6dc52b0072afd0481b70550d2249070ec95e1fa6c42aad50ef3a33.exe upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/056e8d271f6dc52b0072afd0481b70550d2249070ec95e1fa6c42aad50ef3a33.exe
Files
-
056e8d271f6dc52b0072afd0481b70550d2249070ec95e1fa6c42aad50ef3a33.exe.zip.zip
Password: infected
-
056e8d271f6dc52b0072afd0481b70550d2249070ec95e1fa6c42aad50ef3a33.exe.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 172KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 92KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE