Behavioral task
behavioral1
Sample
69d49e2e9cb21bebe0b8dfb1d6bb24eaac9a350590cae75b4705d5f9e9ec8c34.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
69d49e2e9cb21bebe0b8dfb1d6bb24eaac9a350590cae75b4705d5f9e9ec8c34.exe
Resource
win10v2004-20231215-en
General
-
Target
69d49e2e9cb21bebe0b8dfb1d6bb24eaac9a350590cae75b4705d5f9e9ec8c34.exe.zip
-
Size
4.0MB
-
MD5
2a995db1154602d0f4d84f0bcfdc29fd
-
SHA1
6d6098eff0f85322d7af5768218fc84cf8db4ce5
-
SHA256
64d0e1e5deceb450933bf762c3e49a71299f2f8e42cd7d5bd230ed8326bb492b
-
SHA512
112f021fce8ca7a9f4b3cf3a2e5574312d35445647d1546877ea3b6c920a695e1da9e3aa107fa63d111f7be9f6a18c3b3e7bfe35e9cf891c745d96c3be7bfe57
-
SSDEEP
98304:lto+6lidcODFYqHrVgK2kEEvvVfRdfoQaOpOh19P2:XoRPyFZBckfvvN3eOAp2
Malware Config
Signatures
-
resource yara_rule static1/unpack001/69d49e2e9cb21bebe0b8dfb1d6bb24eaac9a350590cae75b4705d5f9e9ec8c34.exe upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/69d49e2e9cb21bebe0b8dfb1d6bb24eaac9a350590cae75b4705d5f9e9ec8c34.exe
Files
-
69d49e2e9cb21bebe0b8dfb1d6bb24eaac9a350590cae75b4705d5f9e9ec8c34.exe.zip.zip
Password: infected
-
69d49e2e9cb21bebe0b8dfb1d6bb24eaac9a350590cae75b4705d5f9e9ec8c34.exe.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 13.0MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4.0MB - Virtual size: 4.0MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 79KB - Virtual size: 80KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE