Behavioral task
behavioral1
Sample
cd046dd1e131aea869123c1cc1fe6c92.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
cd046dd1e131aea869123c1cc1fe6c92.exe
Resource
win10v2004-20231215-en
General
-
Target
cd046dd1e131aea869123c1cc1fe6c92
-
Size
2.7MB
-
MD5
cd046dd1e131aea869123c1cc1fe6c92
-
SHA1
3efb04bad4e220e7387a54bb56b47ff76354cd86
-
SHA256
a317c9750dbcc0dcc09737582df9d6283accf93694c0eb85d692072f12591ee1
-
SHA512
0867ef4d91668ce8a8db4032fa62090957ba912f3e8c422bd8e7abb477d85ea96b6c1e792b38aaa9a0fa4084abe33cd1a7b940cbeb0c8623e7660d16f5f8758e
-
SSDEEP
49152:YFhkpN/PyFFg/CJJRMHB9+oNjf/l3R9ktBc1+Q4YdxSChG38bDUggR9t:YTaHkbPMh9+o1fxHktBcwQDM2YIDULHt
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cd046dd1e131aea869123c1cc1fe6c92
Files
-
cd046dd1e131aea869123c1cc1fe6c92.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 3.6MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 141KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE