Behavioral task
behavioral1
Sample
661ee1db13b228ab66b01de3a9b44284.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
661ee1db13b228ab66b01de3a9b44284.exe
Resource
win10v2004-20231215-en
General
-
Target
661ee1db13b228ab66b01de3a9b44284
-
Size
2.7MB
-
MD5
661ee1db13b228ab66b01de3a9b44284
-
SHA1
e83bd0307a01742fc0a8b050c83445b8d5f00521
-
SHA256
5602e3d9f14eb0ec1ceb5bba617d04ec1e38051e2a6f6d230e3a6beef1b5616a
-
SHA512
cb2293d445d65191268e532f7d8ba20ded8b53856d7d9db53122e4969988be5ba00cb41454eece387a395b9c5e989b13b1d53d5d504dcf39e6774cad3706fbc8
-
SSDEEP
49152:9PzdYTx/8hnkcALQ1YKQ6J+Nl/UsLVCDJQHkbMeppdv5/i:ROT58hnwCQKSkJoeXH
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 661ee1db13b228ab66b01de3a9b44284
Files
-
661ee1db13b228ab66b01de3a9b44284.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 3.2MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.1MB - Virtual size: 1.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 136KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE