Behavioral task
behavioral1
Sample
197bcd734f4a45d9cad3659c0c5e5919.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
197bcd734f4a45d9cad3659c0c5e5919.exe
Resource
win10v2004-20231222-en
General
-
Target
197bcd734f4a45d9cad3659c0c5e5919
-
Size
220KB
-
MD5
197bcd734f4a45d9cad3659c0c5e5919
-
SHA1
2d87b7c4cd2e0b84f009a1d4286e435e39b794ea
-
SHA256
192506405ab5367f3cd95132dc497f9af9e133206c6b99be7db58ce23a9a89ac
-
SHA512
a8d1dfba1136e20b8d0027f85442addd436d779f1013ed4288ba7718a8059e9fe9f67afb7f9b0747f6513da695f17bba69e5edc3beaee37e81e612ed8d9689a6
-
SSDEEP
6144:47gRq8H18/vXXbR5Ev9e81xTf3lpMjV92x3x3fLJXoS:474q8H1CXbReFe+T/7MjV92xnXoS
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 197bcd734f4a45d9cad3659c0c5e5919
Files
-
197bcd734f4a45d9cad3659c0c5e5919.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 360KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 213KB - Virtual size: 216KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.MCTeam Size: 512B - Virtual size: 512B
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE