Behavioral task
behavioral1
Sample
8613b363e28834e06f7202bab56a57a3.exe
Resource
win7-20231129-en
General
-
Target
8613b363e28834e06f7202bab56a57a3
-
Size
284KB
-
MD5
8613b363e28834e06f7202bab56a57a3
-
SHA1
df5028f87474eb17027bdea05f8a7f531d17188a
-
SHA256
49e4922a167a55f1832a04ac3a23db83291da21c930048bb228e300736e588fb
-
SHA512
d79d372a4869b7e246192805ded9b72215de6ad18151efef6b99e2bce362418ba44c11004d8e5aa1198315050525e4cb93f6498ede38c93f4bd71d14e28e4cb6
-
SSDEEP
6144:Ik4qmNC5iGqysPhk3MCrcBLYTXhH4RUSXA8:z9vtsPT5YrhXS
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8613b363e28834e06f7202bab56a57a3
Files
-
8613b363e28834e06f7202bab56a57a3.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 280KB - Virtual size: 280KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE