Behavioral task
behavioral1
Sample
b00e49e906ab45c6c6cbaf9000f2f70d56cbe503f687a62de090a013b0db543b.exe
Resource
win7-20231020-en
Behavioral task
behavioral2
Sample
b00e49e906ab45c6c6cbaf9000f2f70d56cbe503f687a62de090a013b0db543b.exe
Resource
win10v2004-20231023-en
General
-
Target
b00e49e906ab45c6c6cbaf9000f2f70d56cbe503f687a62de090a013b0db543b.exe.zip
-
Size
542KB
-
MD5
7c930880a167bc1403b424bab3f38a8c
-
SHA1
7c9965758afcf813efaa70b54a49255a9b150129
-
SHA256
da15006d05dce6095c20b80c8eb7a5cad9871199c2b54d1805406dffbd16a31b
-
SHA512
7f7e7677770eeb693c526545c8e99289b2a4ab6d5a885311e8a64f7e8ebc037f763c613369ee0dab5405b1162ce1207a81e2f1d0c7d48a9cb54bbebc0315ed61
-
SSDEEP
12288:qzALXPtRwyqxbOsEpqVJsF4HOEcadnJvuwDHigO48O4PELzTDGcf:qRy+Sha+F4uErnNuGig0XsLzecf
Malware Config
Signatures
-
resource yara_rule static1/unpack001/b00e49e906ab45c6c6cbaf9000f2f70d56cbe503f687a62de090a013b0db543b.exe upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/b00e49e906ab45c6c6cbaf9000f2f70d56cbe503f687a62de090a013b0db543b.exe
Files
-
b00e49e906ab45c6c6cbaf9000f2f70d56cbe503f687a62de090a013b0db543b.exe.zip.zip
Password: infected
-
b00e49e906ab45c6c6cbaf9000f2f70d56cbe503f687a62de090a013b0db543b.exe.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 1.1MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 506KB - Virtual size: 508KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE