Behavioral task
behavioral1
Sample
0837f354646300440c2f8f52df8228e5b90a9c36561cff196c49d9b36754a72b.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
0837f354646300440c2f8f52df8228e5b90a9c36561cff196c49d9b36754a72b.exe
Resource
win10v2004-20231215-en
General
-
Target
0837f354646300440c2f8f52df8228e5b90a9c36561cff196c49d9b36754a72b.exe.zip
-
Size
474KB
-
MD5
f7a8bb75ac15d4cd949273c277da6bcf
-
SHA1
7e8e0971df7d7e110d5df1d0f5a5560dd12f346a
-
SHA256
23384aa794e70038d611c2c56e3afaede54a32359a4ff1e03255c5284a993511
-
SHA512
6311e91faff1477ed6dd17e71d99e52741f9fd0905d56c51805eb8e637ee170f3b79872ea1f8d8119b00dafc349a50ad9c28b76f45307f9f416d05b4e4e772d1
-
SSDEEP
12288:T4ThGBBspYG5yD4RLes9nQ+i0cqOZHcQay4s5zPNL:mGkpX5ysRLs+J+14CPl
Malware Config
Signatures
-
resource yara_rule static1/unpack001/0837f354646300440c2f8f52df8228e5b90a9c36561cff196c49d9b36754a72b.exe upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource unpack001/0837f354646300440c2f8f52df8228e5b90a9c36561cff196c49d9b36754a72b.exe
Files
-
0837f354646300440c2f8f52df8228e5b90a9c36561cff196c49d9b36754a72b.exe.zip.zip
Password: infected
-
0837f354646300440c2f8f52df8228e5b90a9c36561cff196c49d9b36754a72b.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 416KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 479KB - Virtual size: 480KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE