Behavioral task
behavioral1
Sample
9f73e803223c0bf72ad91341d8f4c24d.exe
Resource
win7-20231215-en
General
-
Target
9f73e803223c0bf72ad91341d8f4c24d
-
Size
1.1MB
-
MD5
9f73e803223c0bf72ad91341d8f4c24d
-
SHA1
3a11680d0969423ab5f63e104c65cf0fc88901b8
-
SHA256
47762ead584529301063c560e505998a8a5a50749cd34c6313a90ae69b58d1c5
-
SHA512
c190aec73a8c1e15b044c6867a32a78955393d5e69002fa478c0772d148f8275348a32f2088dde71d90d8193634bba132b84b070615e8b1d663a08094376d2dd
-
SSDEEP
24576:QU1uUHG/7vZKGVlfumMH8NS59MQ4CwNOt7X6r0gRf45PqCCF:f13Ahrb2Lcg59f4VNOtLk0x5PqtF
Malware Config
Signatures
-
Processes:
resource yara_rule sample aspack_v212_v242 -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 9f73e803223c0bf72ad91341d8f4c24d
Files
-
9f73e803223c0bf72ad91341d8f4c24d.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 38KB - Virtual size: 76KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 144KB - Virtual size: 388KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.aspack Size: 14KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE