Behavioral task
behavioral1
Sample
75096376efd7348a3b5e7b0415ef941a.exe
Resource
win7-20231215-en
General
-
Target
75096376efd7348a3b5e7b0415ef941a
-
Size
366KB
-
MD5
75096376efd7348a3b5e7b0415ef941a
-
SHA1
fe93068fc5f13340ed9ba611a4423146623d9ff6
-
SHA256
a8f1b931d3353ccf29dee69392d154bb610004b00b272ba74fe12077182d2c67
-
SHA512
b527182dd3018d06f390dd6991a7e5f33c2639ab4f6780d273af18126054b6c6c37fa6158ceb88576943dfaaebd7223c81a0db6fab7569c4b50f22bde1d31589
-
SSDEEP
6144:rUGZjWMN2Sse4d3ERvBxc7hsp8GcUL67rOcQ/j0/3jiSiytZoVazMl:rK7SsvdMvLxpe63Yb3tZRzQ
Malware Config
Signatures
-
Processes:
resource yara_rule sample aspack_v212_v242 -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 75096376efd7348a3b5e7b0415ef941a
Files
-
75096376efd7348a3b5e7b0415ef941a.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
Size: 265KB - Virtual size: 764KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 96KB - Virtual size: 100KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.aspack Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE