Behavioral task
behavioral1
Sample
1597a5c4854914e178b7571d3afcd08b.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
1597a5c4854914e178b7571d3afcd08b.exe
Resource
win10v2004-20231215-en
General
-
Target
1597a5c4854914e178b7571d3afcd08b
-
Size
5.5MB
-
MD5
1597a5c4854914e178b7571d3afcd08b
-
SHA1
452b02f3e09d0c974b54bc865703ce48bf657b5c
-
SHA256
524a9718a3a4e6e29d9224f9462d8a9e3f0f8f4cd4616b283cb02d804b6f6f12
-
SHA512
ad858d35a0e62190a17fe115fda24ecec6c3bc1dfb181ee415430eafc04064eb03de445b15a3f23a22a7e7c7f51752eb4538ded46ad72394ed40b82a4db55c9f
-
SSDEEP
49152:5ceeR7NTeic7Uus68io0i+GHJHlc5ay3vRmCFOGNj8mW4JH53R+wVG+l0yd/e9UO:f4Rzqsk35mCckFR+vicS43
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1597a5c4854914e178b7571d3afcd08b
Files
-
1597a5c4854914e178b7571d3afcd08b.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 7.1MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 208KB - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE