Behavioral task
behavioral1
Sample
b49eff2810e069bbf5d8edce8f48257a.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b49eff2810e069bbf5d8edce8f48257a.exe
Resource
win10v2004-20240226-en
General
-
Target
b49eff2810e069bbf5d8edce8f48257a
-
Size
1.3MB
-
MD5
b49eff2810e069bbf5d8edce8f48257a
-
SHA1
83cc7b12f44aa5339bbbfa34fef84a1b5ee0a54a
-
SHA256
df2e007875871660b196abeedca30db0920c6801fd77b73bf8f1f4ce8f82945b
-
SHA512
ebcc5ec1f525a2e4ff3cf1c26da24f6cd8dfb16e07f9de3572615f35f4897ed4c4c3804532950af7d4ea079452b8ead6735e57aa28b5c80276b40c3e94d5f0fb
-
SSDEEP
24576:UX14C+VtOWIv9mqwkMeltenBmpCnsJX9hJCPK3uI7gP1zx3socWc:lttToQqwdelgB6ke60uI7g9mocp
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b49eff2810e069bbf5d8edce8f48257a
Files
-
b49eff2810e069bbf5d8edce8f48257a.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 3.6MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 135KB - Virtual size: 136KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE