Behavioral task
behavioral1
Sample
1f2abfb62b0229f16e747b7e02078ef6.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
1f2abfb62b0229f16e747b7e02078ef6.exe
Resource
win10v2004-20231215-en
General
-
Target
1f2abfb62b0229f16e747b7e02078ef6
-
Size
133KB
-
MD5
1f2abfb62b0229f16e747b7e02078ef6
-
SHA1
f2d828db599e9a567b7dc5ed2c241aecb387bf99
-
SHA256
2c3010aff87526fa5c81b61af3960690c38a0e2c08bdfff8b1219d812f61a3b9
-
SHA512
adf474f43950318842353124caf47b402ea89e5fa14238be375579992d2ab349cd6f4bdb0304173e2136c9ec1ed81108cc3e4dc4367eb568d2f8c00816f4b157
-
SSDEEP
3072:sT4ENWukEhXncsgAhzKpFmDsHXRh5OxI/+1XHwTTj0PG2ZQ:a4EU0h3yAhaMi5/6XHQQe2ZQ
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1f2abfb62b0229f16e747b7e02078ef6
Files
-
1f2abfb62b0229f16e747b7e02078ef6.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 396KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 131KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE