Behavioral task: behavioral1
Sample: 231b118364dc89432701f95aba91975e.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 231b118364dc89432701f95aba91975e.exe
Resource: win10v2004-20231222-en
General
Target: 231b118364dc89432701f95aba91975e
Size: 324KB
MD5: 231b118364dc89432701f95aba91975e
SHA1: 244c34600265a1446bb6b5705496f64ed0da81b1
SHA256: 791037143f5e3ade8afe3670c1c5cd6c8b33218cbf828a5f3518b6cc07115ec9
SHA512: 09438f6157a9566df078275a6304b9f15fab684a0ab73e02f596682af6cc49f88d7c5924ff8a304abfa6c382f494448076ab14d1648df654e5f4bdf564ac8c7a
SSDEEP: 6144:rs7Ki7mophiI2Z2YrAehV4RWifZtFSvkt3Yzh9cFrn/B/jF9Q61vyeOqn9T:rKKephiI2ZYcsW2Ukt3XFrpjF1Db
Malware Config
Signatures
resource yara_rule sample upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 231b118364dc89432701f95aba91975e
Files
231b118364dc89432701f95aba91975e.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 576KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 317KB - Virtual size: 320KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.lame Size: 27B - Virtual size: 27B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.hnxyy Size: 485B - Virtual size: 512B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
vip Size: 485B - Virtual size: 520B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE