Behavioral task
behavioral1
Sample
edc2f216c73f33940a5ff2257ce54a09.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
edc2f216c73f33940a5ff2257ce54a09.exe
Resource
win10v2004-20231215-en
General
-
Target
edc2f216c73f33940a5ff2257ce54a09
-
Size
7.8MB
-
MD5
edc2f216c73f33940a5ff2257ce54a09
-
SHA1
9d069c4c189908b853e36a36296a4f403e95c5bf
-
SHA256
d350aa6628cfff44e6f1428fafe841b6351976feb04e5ef40ae03a899eb6fd94
-
SHA512
d525b8e87321667d9409bc041dece33044ff5434c6ff23324b554defab97e62dc1f55b9de31b44844e10e1a6fa49074aff9ca6c060a893140a4350b5d0620ffe
-
SSDEEP
196608:2Y8/vdlirybMgOnkdliro4j0XYdlirybMgOnkdlir5XwcOICkdlirybMgOnkdliG:2VrbMrn0KbMrn9OIfbMrn0KbMrn
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource edc2f216c73f33940a5ff2257ce54a09
Files
-
edc2f216c73f33940a5ff2257ce54a09.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 1.9MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 500KB - Virtual size: 504KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE