Behavioral task
behavioral1
Sample
12b5565be308b33f3efb443c0d85db89.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
12b5565be308b33f3efb443c0d85db89.exe
Resource
win10v2004-20231215-en
General
-
Target
12b5565be308b33f3efb443c0d85db89
-
Size
1.6MB
-
MD5
12b5565be308b33f3efb443c0d85db89
-
SHA1
215e0c3694f265ff88c8fcff6623fd7571629806
-
SHA256
5227d24a74cc56f25bacdf95757cbbccdd1994a8e40d07f2868485522811d28a
-
SHA512
8c3e2db52487e2cf47afb35a6710dfc39e60788478ad96dfb17a1f33b6c2cc89d2836716f6033b6ae390370336308e4f336ec772fc17f53a207221b031a4fdf4
-
SSDEEP
49152:Ao34P/URJaevDcakLz0SCITB3js8cr9dcakLz0O:Ao3i/WaEDcakcSCIps8cr9dcakcO
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 12b5565be308b33f3efb443c0d85db89
Files
-
12b5565be308b33f3efb443c0d85db89.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 1.9MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 500KB - Virtual size: 504KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE