Behavioral task
behavioral1
Sample
fa90e3a6bf77498c12a8f3736379829c.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
fa90e3a6bf77498c12a8f3736379829c.exe
Resource
win10v2004-20231215-en
General
-
Target
fa90e3a6bf77498c12a8f3736379829c
-
Size
133KB
-
MD5
fa90e3a6bf77498c12a8f3736379829c
-
SHA1
3a90b87a84a3e83c0256eddd3cbd875d877b9848
-
SHA256
74304bfc8cb79f2d20c8d3852c3c719c93caa5ad74aa838a94f3abda5437c7a4
-
SHA512
d0238fb801d271a9b8cca40e385df6ff06246f17484b300cdf4c18552022bbee065d78ee4988658b2350fe51a7fd3d149dfea4000feebc7b88f03d5c530ad682
-
SSDEEP
3072:u3fmey6mcM8xQsa7PQf5TaMt61spALLYOqPa3CQ0vqChQ:u3fHBhNxQsa7Qf5mMtAgAn9Oa3F0hhQ
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fa90e3a6bf77498c12a8f3736379829c
Files
-
fa90e3a6bf77498c12a8f3736379829c.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 396KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 131KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE