Behavioral task
behavioral1
Sample
73c6f59606ddab236a5d208603ad2a6c.exe
Resource
win7-20231215-en
General
-
Target
73c6f59606ddab236a5d208603ad2a6c
-
Size
806KB
-
MD5
73c6f59606ddab236a5d208603ad2a6c
-
SHA1
a95c5579ed1ebe6f7c09041acedb4158ff8ecf1b
-
SHA256
074e64eaaff4d069e98b598b0c462174f9fdbc9a0e82af8155ada59f72a59cb9
-
SHA512
1c59c57a91474d0169d9dc9715282c8cccde2e6182e0b7b70d09795ebbcbd471daf319d3904f559e88aa7a740ced935b32546d210382f9fd37f217ce6a0b65ab
-
SSDEEP
12288:QiNjd+p3+TTSkI6oSNn3ee63qiBlfhdgdd0CIw9vxsQJCbXzeiUDKQztf:VFO3dkI6Hn3a3NBteeCIuxCXlUeQ
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 73c6f59606ddab236a5d208603ad2a6c
Files
-
73c6f59606ddab236a5d208603ad2a6c.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
UPX0 Size: - Virtual size: 4.4MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 719KB - Virtual size: 720KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 85KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ