Behavioral task
behavioral1
Sample
a0cb1a064b35e32c70a3ca558ed053c0.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
a0cb1a064b35e32c70a3ca558ed053c0.exe
Resource
win10v2004-20240221-en
General
-
Target
a0cb1a064b35e32c70a3ca558ed053c0
-
Size
7.8MB
-
MD5
a0cb1a064b35e32c70a3ca558ed053c0
-
SHA1
67ff4b30061e1d16fb5eb4e329d91b60d0221fa8
-
SHA256
fec9b24d99119d03b2ba70eb3c4244b9c905ec021fa1b93967d7dba2cad7b473
-
SHA512
e937addf02f9744dacecdc7eeec771d36a0b3637c8a89cd359928a5fe49f72823cb6c47be4e48922a26566672b6da98ae98845c34baf63e7c86bbd043b1467df
-
SSDEEP
196608:XW2FxzLqYr3IW84TzLqCYstzLqYr3IW84TzLqd6zLqYr3IW84TzLqCYstzLqYr3i:GqxzIL4TzLtzIL4TzdzIL4TzLtzIL4Tz
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a0cb1a064b35e32c70a3ca558ed053c0
Files
-
a0cb1a064b35e32c70a3ca558ed053c0.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 1.9MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 500KB - Virtual size: 504KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE