Behavioral task
behavioral1
Sample
b2290be34341d6ece5f9f136e0823793.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
b2290be34341d6ece5f9f136e0823793.exe
Resource
win10v2004-20231215-en
General
-
Target
b2290be34341d6ece5f9f136e0823793
-
Size
6.4MB
-
MD5
b2290be34341d6ece5f9f136e0823793
-
SHA1
bfc5d6147c929f2b974147582f847d128e4a8530
-
SHA256
2705229625facd9f388ef804b0dfe8a1eeb16b5281b6e223aa37884dd238d39d
-
SHA512
d3dadff85627142f756c50948136ed5b2de269815230db99b8ecc6c6be07b39fec1fdf18e04f9d3404a41c7f64b08504e9a822919d49710ed2387b5f916752f3
-
SSDEEP
196608:A0dlmg587dl4Ar0oFXSmj/dlmg587dlVWSouWX8idlmg587dl4Ar0oFXSmj/dlmc:F58sAr09mjh58Jrou28m58sAr09mjh5B
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b2290be34341d6ece5f9f136e0823793
Files
-
b2290be34341d6ece5f9f136e0823793.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 1.9MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 500KB - Virtual size: 504KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE