Behavioral task
behavioral1
Sample
97ed7839969fb4850164856b70804a44.exe
Resource
win7-20231215-en
Behavioral task
behavioral2
Sample
97ed7839969fb4850164856b70804a44.exe
Resource
win10v2004-20231222-en
General
-
Target
97ed7839969fb4850164856b70804a44
-
Size
2.9MB
-
MD5
97ed7839969fb4850164856b70804a44
-
SHA1
3d1d90359df943c65cfdd6330af292c53e8fe659
-
SHA256
db1d4171a0dd857c74db82b5071a565453da9c81ed2d093ce87fbce302f3b651
-
SHA512
cbf9bf68e14855c70ce4aec631c6b3edd2968ae392df60375e8296364aa40628658e31754db00b2f7cdcb75f76693b0f10f9a79ecee125e481a6897708d03c18
-
SSDEEP
49152:poTNCKZ30E/UP8owDh7O0dGmTEpsZ9Baj8BBT4SfcsUjoh48TyMPkXdwkyZ:poZ30BP8owFPdGmYUHau42c1joCjMPkK
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 97ed7839969fb4850164856b70804a44
Files
-
97ed7839969fb4850164856b70804a44.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 3.6MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 135KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE