Behavioral task
behavioral1
Sample
02288e932b6c6092190a2879003b23f2.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
02288e932b6c6092190a2879003b23f2.exe
Resource
win10v2004-20231222-en
General
-
Target
02288e932b6c6092190a2879003b23f2
-
Size
1.3MB
-
MD5
02288e932b6c6092190a2879003b23f2
-
SHA1
3f5f72b95537ce45b415f04c96ac32dc42735403
-
SHA256
6bacf9938071004b0cb53fd446b4d59761ab0c9b7176123d99e3d2fdae916c94
-
SHA512
d5808297430f95ca9a2bb3402aa0c5f14254833d3d77add797ffb84015d811a91622bbc2815662af466c835a51b41c826dfbe606045b14273b5bcc857d6fd239
-
SSDEEP
24576:zoMTAUGZBEpoNgsL81IexCTu2oXsyo8u8YeccttvG:9TZpoNB8xuu9cyfu8YLc
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 02288e932b6c6092190a2879003b23f2
Files
-
02288e932b6c6092190a2879003b23f2.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 3.2MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 136KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE