Behavioral task
behavioral1
Sample
8e989a3dc0677983ec650c7a51c191c6.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
8e989a3dc0677983ec650c7a51c191c6.exe
Resource
win10v2004-20231222-en
General
-
Target
8e989a3dc0677983ec650c7a51c191c6
-
Size
20KB
-
MD5
8e989a3dc0677983ec650c7a51c191c6
-
SHA1
03acc23c9f95eb62a2b46da4b9690ba07da0a752
-
SHA256
2bdb0fc358d92520796b0dc0fede750a0b2926be732a0b9cbb5d2785e3978978
-
SHA512
340df532d36bf14ffdf3c7345629e840eb4daf03de70eea670073ca747b692e5a98ed55637b6d87f2bec55906b446996bf95beb797208d9419b2b18f061fc1ad
-
SSDEEP
96:BHqvH6fh/aluRlFL0iFUx+uVB5C5x5l5W545qxBOvHXf6mEP5c:wvypMWLBUx+gP6/j+0lvPaP5c
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8e989a3dc0677983ec650c7a51c191c6
Files
-
8e989a3dc0677983ec650c7a51c191c6.exe windows:4 windows x86 arch:x86
488846a3a2bbce2374af8a836ac053b2
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
Sections
UPX0 Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.avp Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE