General
Target: ScreenPayload.exe
Size: 1.0MB
MD5: e661374c3cdb43564d8e186ec8dae2f9
SHA1: cd4b15e0d3358f0e30fa1e7b1b78fecfc5d858df
SHA256: c1acbb7b7e3efb46f0d556bd6fd014e91b34a11442bf0fc4cd62b33bcdbee81b
SHA512: bb045ad326738cfdeace0170affbbcc01914ffc0e62f13383442513c89405560a26725a74bbd23587c82daee051bcfda90df4ad9a9fe5d14252c61a520036f6f
SSDEEP: 24576:rc+WewJtufGu8AmbYePdHYmc/0RzRyean:rcdtufGuTeFHXc/YzRyea
Malware Config
Signatures
resource yara_rule sample upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ScreenPayload.exe
Files
ScreenPayload.exe.exe windows:4 windows x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 64KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.0MB - Virtual size: 1.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE