Behavioral task
behavioral1
Sample
5b6e3c50271b5c11ca1543ab60a2e75f.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
5b6e3c50271b5c11ca1543ab60a2e75f.exe
Resource
win10v2004-20231222-en
General
-
Target
5b6e3c50271b5c11ca1543ab60a2e75f
-
Size
480KB
-
MD5
5b6e3c50271b5c11ca1543ab60a2e75f
-
SHA1
3a14d4dae90620e6bb8cc29e8381e6452243c49f
-
SHA256
e372ef079ef64f837be82142f8d222ffc8ab7252d44976f5e3ee4b367b5150ac
-
SHA512
f9a1d62b68920bf25d0708f5b01853602ecd20b0e30850c9013dc4df33638964e8ac5084ead5e8572d141adcbed065e02f709b539bea2fd19dc8944f406abb94
-
SSDEEP
6144:JuaEPxHgstn4fRj9mwBrEHwzJwI7/R+5INSwhcO5Prd1Hc7j:MTPxAqeh9mwBr/l/R2INSccO5PjHoj
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5b6e3c50271b5c11ca1543ab60a2e75f
Files
-
5b6e3c50271b5c11ca1543ab60a2e75f.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 276KB - Virtual size: 276KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 192KB - Virtual size: 192KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE