Behavioral task
behavioral1
Sample
80620ac6d435d5669f8ca2450d5ed4cddbb396b2cc88b46e770a40f6a4fca5a7.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
80620ac6d435d5669f8ca2450d5ed4cddbb396b2cc88b46e770a40f6a4fca5a7.exe
Resource
win10v2004-20240221-en
General
-
Target
80620ac6d435d5669f8ca2450d5ed4cddbb396b2cc88b46e770a40f6a4fca5a7
-
Size
3.1MB
-
MD5
c12253839f68dff48bc05fb3c6bf9ffe
-
SHA1
9a1e17eefc77048aaa59a729245e2e13e07b27ef
-
SHA256
80620ac6d435d5669f8ca2450d5ed4cddbb396b2cc88b46e770a40f6a4fca5a7
-
SHA512
7b8799ee728e3f30823c163121d7db634fd0f9281b6c8cab2001317ec6beb6305f1b66edd8e36ad35ca080f7b0a86be9aef2e6cc6beba94b7b275d7e797e0ab5
-
SSDEEP
49152:Ej7AVTzP8RNtALitd8lfkT2wCZaWTzhM21ukiupA6BqTYda5hhPTFgeL6IFnp:Ej7oFMdAkTBCJzju4A6wTXhFRgeL6Il
Malware Config
Signatures
-
resource yara_rule sample upx -
Detects Pyinstaller 1 IoCs
resource yara_rule sample pyinstaller -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 80620ac6d435d5669f8ca2450d5ed4cddbb396b2cc88b46e770a40f6a4fca5a7
Files
-
80620ac6d435d5669f8ca2450d5ed4cddbb396b2cc88b46e770a40f6a4fca5a7.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 164KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 33KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 59KB - Virtual size: 60KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
Rasdf8aer.pyc