Behavioral task
behavioral1
Sample
41fdac000eb258c96a15fb9f30517843.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
41fdac000eb258c96a15fb9f30517843.exe
Resource
win10v2004-20231222-en
General
-
Target
41fdac000eb258c96a15fb9f30517843
-
Size
102KB
-
MD5
41fdac000eb258c96a15fb9f30517843
-
SHA1
bac3fd0b3e4e391567bb12c14bee43dfbfea4054
-
SHA256
ac3bfcb9f054e087cac67f243864e3d2bd2a50b6211d3369a82a2c1ccf28a032
-
SHA512
4f912f1c84000d3bb5ef56fc66ae84ae39608ca7d7e866941104ee7426d3399673c4a503b599927782e75b85491e7ca50a5a0abd939ce524afedb05d0a7336be
-
SSDEEP
1536:Zp0yOzpX8rP23Z5Eei4N32sijZCSO4mO9x4MSP7LhIX3sp/z:rbOzpXlqCSXmOkJLhp
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 41fdac000eb258c96a15fb9f30517843
Files
-
41fdac000eb258c96a15fb9f30517843.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 28KB - Virtual size: 28KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 67KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE