Behavioral task
behavioral1
Sample
b4970e883723ba9719e895325e0131f3.exe
Resource
win7-20231215-en
General
-
Target
b4970e883723ba9719e895325e0131f3
-
Size
784KB
-
MD5
b4970e883723ba9719e895325e0131f3
-
SHA1
25579da12f4bafe9a5d6115416508ff4ac7045a4
-
SHA256
4252dbdd806cad7aad9d272d77c8e7049c67ba94bd78cc524ecd4c3fbf38cb1e
-
SHA512
e4c998e35698a08660a4713ee841e9fc7e270a371afe83f44e960ad898ef583cdd3bfa908e0afdef5a15e86e2ec24dfd3b912e2e3f60eddd2b5620bdbd259580
-
SSDEEP
12288:uuA2kbbvfP8WW5fNYG3c6SNnuBjbgrWuedThLRtaN8ZcR9ETee60B4JvXOI:SPfhW9c7IbgrWuedThtXc7ETBcX9
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b4970e883723ba9719e895325e0131f3
Files
-
b4970e883723ba9719e895325e0131f3.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 2.3MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 783KB - Virtual size: 784KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE