Behavioral task: behavioral1
Sample: 9da4a44cef4416c6905f37b865525185.exe
Resource: win7-20231215-en
General
Target: 9da4a44cef4416c6905f37b865525185
Size: 484KB
MD5: 9da4a44cef4416c6905f37b865525185
SHA1: cc9bb1b9315618db0f352e23f5be40067004990d
SHA256: 2bacbf9f90ebbbb8ed32bc85218b319d67cc237e5399d5f4d7d47e32c239a866
SHA512: e1ebe378d46cfb3122bb8027b3738b7b84fdebe43b830f3dabd22002b9b90f4dcd1f8e8bc9d7e73912fa6a3775b46c1e57736d59e9c9616a9fed50f744144fe8
SSDEEP: 6144:vmxQjd3KOr9TU6KViDvwto9jishlvIAVw3eL/1Wvha2KqJ4OSNC416Fa6FjTY4:19Tg63+huLNckUjetSauR
Malware Config
Signatures
Processes:
resource: sample, yara_rule: upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource: 9da4a44cef4416c6905f37b865525185
Files
9da4a44cef4416c6905f37b865525185.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 112KB - Virtual size: 112KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 33KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE