Behavioral task
behavioral1
Sample
3be35463b1de36e28b73c0966f81537e.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
3be35463b1de36e28b73c0966f81537e.exe
Resource
win10v2004-20231215-en
General
-
Target
3be35463b1de36e28b73c0966f81537e
-
Size
46KB
-
MD5
3be35463b1de36e28b73c0966f81537e
-
SHA1
af7af3fd4892c1a36d90083e8fd85e2930d9ad68
-
SHA256
eac6afa211452c7b9f9ea1a5b41ab2a8e6118542e7b2a1233484182440746cd1
-
SHA512
0af1dc23c7704527e98e52b948608e9609f3b810cff638018a5ff64031d2a7aa4b1f716248260815960b294471df0bd763e96ea584c77197319bbeada4cfc24e
-
SSDEEP
768:XocAX3LKew369lp2z3Sd4baFXLjwP/Tgj93b8NIocVSEF8Y15jjmV49GEYMPCxxh:SKcR4mjD9r823FzN6AMnxwhIRt
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3be35463b1de36e28b73c0966f81537e
Files
-
3be35463b1de36e28b73c0966f81537e.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 56KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 24KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE