Behavioral task
behavioral1
Sample
1d8764add851a61bbcc56e4140b6221e.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
1d8764add851a61bbcc56e4140b6221e.exe
Resource
win10v2004-20231215-en
General
-
Target
1d8764add851a61bbcc56e4140b6221e
-
Size
59KB
-
MD5
1d8764add851a61bbcc56e4140b6221e
-
SHA1
066dca2ebf9956c8664bfd0bda7690c936750ddd
-
SHA256
5b636585232d9d91e699a0460a164d7749f03888ffcaccd72212dd1abe22c22e
-
SHA512
e35e6e7e41eeb7794aa721f3aa5997f52f625b2bb4d61a5e23b6948038a36d580d813cdbf585b1843ff02cc15407e1f32cd0163f3cdbbb5d774e81e0e3991c62
-
SSDEEP
1536:zM36/JJI0U5fH1O4S8ppyTDbqkAasd4YJkWoKA6R:gEw5EFTPbyasd4T16R
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1d8764add851a61bbcc56e4140b6221e
Files
-
1d8764add851a61bbcc56e4140b6221e.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 176KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 58KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE