Behavioral task
behavioral1
Sample
05b76afec70ebe9b36b06b8dbc24b80d.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
05b76afec70ebe9b36b06b8dbc24b80d.exe
Resource
win10v2004-20231215-en
General
-
Target
05b76afec70ebe9b36b06b8dbc24b80d
-
Size
1.5MB
-
MD5
05b76afec70ebe9b36b06b8dbc24b80d
-
SHA1
2d24372b71d0db85cd4fee10733d20a29b5a2a19
-
SHA256
e265a6a6dffbbb86c3e9b2fdaf78bfbafa141814efc1a60003dac446dcf38437
-
SHA512
5da49d3cabc9fd3eef1847f22e2b8aa23800a9177fadec6536b55c544c4afaa1a2755c0ee97d002388f96bdc90ff9dcfd2dc57f22d6a188837cc893d7c74ee2b
-
SSDEEP
24576:ibk2gkDlb+v2hUmeZhFWOEFFQaio+zxJ+GIGmuIqS0zuvZTrG5dOF7RHOIjs8BW:UkZkD1BUvnWOEFWjIqS0ytjF7RU2
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 05b76afec70ebe9b36b06b8dbc24b80d
Files
-
05b76afec70ebe9b36b06b8dbc24b80d.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 3.6MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 135KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE