LoadEnvi
MemoryCompare
MemoryCopy
MemorySet
WndProc1
WndProc1_
WndProc2
WndProc2_
WndProc3
WndProc3_
Behavioral task
behavioral1
Sample
9e1522c690b22569a2bb17df7ad2e3566e3bbaebede00c01675f36f1b25940a2.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
9e1522c690b22569a2bb17df7ad2e3566e3bbaebede00c01675f36f1b25940a2.exe
Resource
win10v2004-20231222-en
Target
9e1522c690b22569a2bb17df7ad2e3566e3bbaebede00c01675f36f1b25940a2.exe.zip
Size
12.4MB
MD5
0a4be00e624599e00828791a06734882
SHA1
40b47909e31ad3dbdbdb254d2d7e394e20bba8c9
SHA256
f05915e8adaa05dc7230fe8778fdf251255d1749cc727690985bed7b67a0f9c9
SHA512
00db765a5eca43cd513d7ed180d237fafcae79e3baa505f871cbe4df252cb4e20d019e6689405be48f2f61649c22fe3315f9298527c769bc63074acfc0ab5985
SSDEEP
393216:Q/rLd0gtS+CmA8JV0STAfoazTSY58KvWav+7:MdtS+CmFhEffzTSYmK+P7
resource | yara_rule |
---|---|
static1/unpack001/9e1522c690b22569a2bb17df7ad2e3566e3bbaebede00c01675f36f1b25940a2.exe | upx |
Checks for missing Authenticode signature.
resource |
---|
unpack001/9e1522c690b22569a2bb17df7ad2e3566e3bbaebede00c01675f36f1b25940a2.exe |
unpack002/out.upx |
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
LoadEnvi
MemoryCompare
MemoryCopy
MemorySet
WndProc1
WndProc1_
WndProc2
WndProc2_
WndProc3
WndProc3_
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ