Behavioral task: behavioral1
Sample: 8fe7af4b279e32ab930aaaa17975f46e.exe
Resource: win7-20231215-en
Behavioral task: behavioral2
Sample: 8fe7af4b279e32ab930aaaa17975f46e.exe
Resource: win10v2004-20231222-en
General
Target: 8fe7af4b279e32ab930aaaa17975f46e
Size: 53KB
MD5: 8fe7af4b279e32ab930aaaa17975f46e
SHA1: 46a9752098294bfe171fefeefd815012bcc26589
SHA256: 3bc1c596cc599a8efb44796164d93a596f6b7d8c05e6f7c5bdefe7ac54b2057c
SHA512: bf90c509d16b7647b852cd9ff690259398c4e12a0f803213509d8acb71c69a42266962d04a9116919a83f2cd1d7cf57ce9b3a1b03717783a02888f7ba0bfcdc9
SSDEEP: 768:Dl0TPAd2uAGEnsTTvyH70u+SbmPrUjAizjOKP3T+E48EJaJ4EyEnlgDdQEJx5rxx:nd2u1PHxu+JPrmAi+Kbj3J4EnlgzL5b
Malware Config
Signatures
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8fe7af4b279e32ab930aaaa17975f46e
Files
8fe7af4b279e32ab930aaaa17975f46e.exe windows:1 windows x86 arch:x86
fc1e39870f241f86419910152483c9e7
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
user32
EndDialog
comctl32
ImageList_Add
gdi32
GdiFlush
advapi32
AccessCheck
msvcrt
printf
Sections
UPX0 Size: - Virtual size: 524KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 50KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE