Behavioral task
behavioral1
Sample
41c5272a3117496b94a25f3915fe4d39.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
41c5272a3117496b94a25f3915fe4d39.exe
Resource
win10v2004-20231215-en
General
-
Target
41c5272a3117496b94a25f3915fe4d39
-
Size
59KB
-
MD5
41c5272a3117496b94a25f3915fe4d39
-
SHA1
0a90f63770d729d34de1812e4d480e5fccfec4fc
-
SHA256
123bbf72ffee76928b2ff76f6cc6ae6886037338bf081f97fd40ac3ff95489a8
-
SHA512
8cc70282d94934bac9fde678bf68a937e8ca386ccc5f0b775f0ca4231d39f1ac445ad016545c17c3d3bae0760b51cb61a3490fb913f42ede6f1ac579b3d488e9
-
SSDEEP
1536:mJkYAJVMMyLxsp3oV/AalaKr2rKjMi+AXHMxgi8KZ:me19q9Kuz+Ksnh
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 41c5272a3117496b94a25f3915fe4d39
Files
-
41c5272a3117496b94a25f3915fe4d39.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 176KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 58KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE