Behavioral task
behavioral1
Sample
a111289bdaa4f4e83d1612cb62d19a95.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
a111289bdaa4f4e83d1612cb62d19a95.exe
Resource
win10v2004-20240221-en
General
Target
a111289bdaa4f4e83d1612cb62d19a95
Size
29KB
MD5
a111289bdaa4f4e83d1612cb62d19a95
SHA1
bce8fc617abd3daeaa8478c28441eaa87684cdf8
SHA256
bdde20172d54a961429622c013b239c1b8fb163a24381249fb9e0bbbcb795c41
SHA512
9cffbfccd5c4cad55648f4af26d3cf18af147915e103bf53391e46f4374ea85d7b9bc4a721954d35241bee17ad43eea7f056339bc7f2f64ed62990a23771fba1
SSDEEP
768:giX6RTsJPUiKKvMI0GbjePs3095HVG4/ue3NhAYvi:FXUTKUIMIg7jWQhxvi
Malware Config
Signatures
resource yara_rule sample upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a111289bdaa4f4e83d1612cb62d19a95
Files
a111289bdaa4f4e83d1612cb62d19a95.exe windows:4 windows x86 arch:x86
ea265e1fce9405dac4cbb1b5b8867377
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
_tell
_tzset
_umask
_rotl
_spawnl
_stat64
kernel32
GetNextVDMCommand
GetDriveTypeA
GetStdHandle
GetSystemInfo
GetVersion
GlobalAlloc
Sections
UPX0 Size: - Virtual size: 40KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 20KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE