Behavioral task
behavioral1
Sample
6d5c026287beab032b7d7831996b516fbd44917330f9009e4e963d4f3c86a4b5.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
6d5c026287beab032b7d7831996b516fbd44917330f9009e4e963d4f3c86a4b5.exe
Resource
win10v2004-20231215-en
General
-
Target
6d5c026287beab032b7d7831996b516fbd44917330f9009e4e963d4f3c86a4b5.exe.zip
-
Size
2.8MB
-
MD5
6e3a88133776646fe298fd63645c20ee
-
SHA1
d37d5d0106567c0c702b3306d7a941421a1d6858
-
SHA256
3c6ac0a83bec56feaea8d61420576f422bebc570a487c34694f25327a99ba9f8
-
SHA512
73a395df0f0b5c655de16f87fc3b55bc280d17e53535014c4578c01abc53545485e101396793ce6428aec078596ef8702db697807b57c4ea35c87d7d9e2b64fc
-
SSDEEP
49152:extOLCdAbyuU4pmZxBucSepgjVppjTEMHhu0WNHjXPxv17Cr5Y3yjnKla:euLCdkyuIBuHvP2fBYAOWa
Malware Config
Signatures
-
resource yara_rule static1/unpack001/6d5c026287beab032b7d7831996b516fbd44917330f9009e4e963d4f3c86a4b5.exe upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/6d5c026287beab032b7d7831996b516fbd44917330f9009e4e963d4f3c86a4b5.exe
Files
-
6d5c026287beab032b7d7831996b516fbd44917330f9009e4e963d4f3c86a4b5.exe.zip.zip
Password: infected
-
6d5c026287beab032b7d7831996b516fbd44917330f9009e4e963d4f3c86a4b5.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 9.1MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 151KB - Virtual size: 152KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE