Behavioral task
behavioral1
Sample
189f0ac2de2d8a710a9bcf07b1540b8f.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
189f0ac2de2d8a710a9bcf07b1540b8f.exe
Resource
win10v2004-20231215-en
General
-
Target
189f0ac2de2d8a710a9bcf07b1540b8f
-
Size
2.7MB
-
MD5
189f0ac2de2d8a710a9bcf07b1540b8f
-
SHA1
f0848a330016efb966dc04aa98d76fbfcb0ce86b
-
SHA256
1566c14c045d8a37213f44b0680806f34051cf0aec10475b4bbc3567ff060b74
-
SHA512
ac4aec8d49e4573fd951ad332f13b30c15302f5a445cf631e144500bdc1e30759da4d11f123f7ca004e6dc5fecb9af56c5669448d71edae598054e13963a4eb1
-
SSDEEP
49152:ydfmLlRAdjUqVTkkLnU/RYdnF0eLfVqt5TAR97sqsHaiWbltAsc3SOvTtNe/yLSr:yd0etkkTUepFBEXAHwqs6r4sYSOvRNef
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 189f0ac2de2d8a710a9bcf07b1540b8f
Files
-
189f0ac2de2d8a710a9bcf07b1540b8f.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 3.6MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 141KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE