Behavioral task
behavioral1
Sample
3828a5ad4542092befc84fdee1586f7c.exe
Resource
win7-20231215-en
General
-
Target
3828a5ad4542092befc84fdee1586f7c
-
Size
1.5MB
-
MD5
3828a5ad4542092befc84fdee1586f7c
-
SHA1
f3c892f174e4a7ba37cc4e9fe73103e24029b0db
-
SHA256
bccb727cc1ccbdfbc3b8a1d8a63409381238db23f27a763f7edfcf213e2421ab
-
SHA512
1e875d5e3d740c414595f4676514dfdd70c887093f5bc884b3b99921046fc3105735691092cb2adf3fac4f1a3a6f60c32fddac5ab3767721ee4ffc8b29e50522
-
SSDEEP
49152:8D9F7lTrj2Lq9jOtd1iJR1AfPuNOeu1M:8DZD2rti+fPuNOV1M
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3828a5ad4542092befc84fdee1586f7c
Files
-
3828a5ad4542092befc84fdee1586f7c.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 2.3MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 783KB - Virtual size: 784KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE