Behavioral task
behavioral1
Sample
7da0dffaf6d5dfc3e833c0ba92c4988a.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
7da0dffaf6d5dfc3e833c0ba92c4988a.exe
Resource
win10v2004-20231215-en
General
-
Target
7da0dffaf6d5dfc3e833c0ba92c4988a
-
Size
3.9MB
-
MD5
7da0dffaf6d5dfc3e833c0ba92c4988a
-
SHA1
c54210e41a3e8bee6c6800ac61c6ee59bc2246c5
-
SHA256
dc14eebe643afc7bd0bce8501f94411fc079c643aae528e4fc4285e190f1b7e3
-
SHA512
67f726096209fc37bc26a3acf7159ba3457e6c5f27ab2b27b0795e2e667bf2653cfe38462e48397d4053e4c36e9588c20d01f954f604fa196f9097f6b499f5fa
-
SSDEEP
98304:WwMr2xgA9zyULG+YFin9PAr+LzKA9zyULG+0Y7+Wp303yA9zyULG+YFin9PAr+Ld:tMrANzLqUhArmPzLqJYrGzzLqUhArmPK
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 7da0dffaf6d5dfc3e833c0ba92c4988a
Files
-
7da0dffaf6d5dfc3e833c0ba92c4988a.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 1.9MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 500KB - Virtual size: 504KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE