Behavioral task
behavioral1
Sample
0b4f4d3d505db1ab3239156924055eb1.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
0b4f4d3d505db1ab3239156924055eb1.exe
Resource
win10v2004-20231215-en
General
-
Target
0b4f4d3d505db1ab3239156924055eb1
-
Size
1.5MB
-
MD5
0b4f4d3d505db1ab3239156924055eb1
-
SHA1
ed59e26333bbc9e57f89a9277f53b808bf9b0a15
-
SHA256
7a9ad2274fac8705397dc52f1dd4ec1e6fba1261d07011589bd016c0ffb3615f
-
SHA512
d1c3b557820d7ce2a834c7a861580b3a5b3a8f20c08eb90d49048b9e561c201a2a2287ef12cc12c1c931d174007a7e954cc3f4288245452e440fb5b28815c57d
-
SSDEEP
24576:O5ahMFxQZ/Vx1z1Kh4k4IoHsUerlrjP/EQppXfrzPION5halVzece/gaf/0gVW:Yahi8/rF1KhOIoH78rL/EQpFfr0ONbaU
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0b4f4d3d505db1ab3239156924055eb1
Files
-
0b4f4d3d505db1ab3239156924055eb1.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 3.6MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 135KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE