Behavioral task
behavioral1
Sample
4f63694b9824820e72768a708b80189d.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
4f63694b9824820e72768a708b80189d.exe
Resource
win10v2004-20231215-en
General
-
Target
4f63694b9824820e72768a708b80189d
-
Size
266KB
-
MD5
4f63694b9824820e72768a708b80189d
-
SHA1
68cc6c31cfd1e9a3c93b81a12b518665abfe6e14
-
SHA256
4807053d43daad33a9c1ba3ccb1089be483532385504b9b412bb8368e8e1eeb7
-
SHA512
30554910a1fd074e6e27e958d5caf7d19cd71626f0399237a45f758e76c0019eaea91fe41e37c69c7f3c2ed309506f53685c82ccfaffd9612193da3f9afe3f72
-
SSDEEP
6144:KmFksl/ou3uly+6y54UIyZRanb5mowWv7eGWpdSd9Ly2vnWLZVaWQ:HnVouX+6yWAkmdU7EaNvnWI
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4f63694b9824820e72768a708b80189d
Files
-
4f63694b9824820e72768a708b80189d.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 396KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 131KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE