Behavioral task
behavioral1
Sample
8787fa999a6c6f7eb5d2f27cf7254171.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
8787fa999a6c6f7eb5d2f27cf7254171.exe
Resource
win10v2004-20231222-en
General
-
Target
8787fa999a6c6f7eb5d2f27cf7254171
-
Size
2.6MB
-
MD5
8787fa999a6c6f7eb5d2f27cf7254171
-
SHA1
fc127e12ecb253be78415a1954f2334170850cf9
-
SHA256
a2c7d97803e221fd397b93d5ce38b5aed6ce7dcfc6a947ec1f3d60daca9e13ea
-
SHA512
fa15d917f26a086f777b0979eb22f9ede08fe82d4ea3b614649801e67d7f95dfb5ac525e8b327b419276201ebb0c0b96dc0bba143b2e80ea4f09ff8c8d158375
-
SSDEEP
49152:8GixmWsB6kdTXWZiyIWTUkY7cI5fXfnnqaay3:5RQkgYXHnJ3
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8787fa999a6c6f7eb5d2f27cf7254171
Files
-
8787fa999a6c6f7eb5d2f27cf7254171.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 7.1MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 208KB - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE