Behavioral task
behavioral1
Sample
97b909d49d0f75bab65627a55f3f51d8.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
97b909d49d0f75bab65627a55f3f51d8.exe
Resource
win10v2004-20231215-en
General
-
Target
97b909d49d0f75bab65627a55f3f51d8
-
Size
241KB
-
MD5
97b909d49d0f75bab65627a55f3f51d8
-
SHA1
cfa5470324b1b936f79d24785002a58f23afbc43
-
SHA256
8417d6f2d56b41d34b625605e5d6c4e9a1578a55a31e6f338fba08c4791328af
-
SHA512
6cc20ad1d93a64646816f71ba0433bac9fa30cea0e0df94efe2701d2732cacd01551d82504dec2530e8e0603bd3dab7e16f945052b8c2c6f4c60b17a86f77a1d
-
SSDEEP
6144:QNG+Me9COcT+gdFcWxns7HD6DkX8WIC1NzcHosauKM9s9StP0DoSCV:AMQvcZXTgh6C15cBP9s9SmDoS6
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 97b909d49d0f75bab65627a55f3f51d8
Files
-
97b909d49d0f75bab65627a55f3f51d8.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 2.6MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 238KB - Virtual size: 240KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE