Behavioral task
behavioral1
Sample
b556267fb5b169d1997db695b2c7bcbd.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b556267fb5b169d1997db695b2c7bcbd.exe
Resource
win10v2004-20240226-en
General
-
Target
b556267fb5b169d1997db695b2c7bcbd
-
Size
5.1MB
-
MD5
b556267fb5b169d1997db695b2c7bcbd
-
SHA1
c728cf7cdfef9a325d9e4f7e923a8e1c552b9caf
-
SHA256
cfdd483911efb289a76695bcb6752dea6e9a406ff6a4683fe303a111ca8595df
-
SHA512
acb7b0b1b11f9298f78dd5c971bcb57e6e00f8f3a5079377327a21bfd8ed0d7c6786145a1ea99fc271148de7369d2f2a5d49f5b24b45786c94ab6e2ea058484b
-
SSDEEP
49152:FM8oMccdoYou33g8CUCgRG6MhW5xrlFZNOFb6yRjFo8GF8Bay3mmSYr2KGMpfAPS:FNLHg3gbX0p3mnBMJA0UG3
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b556267fb5b169d1997db695b2c7bcbd
Files
-
b556267fb5b169d1997db695b2c7bcbd.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 7.1MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 2.4MB - Virtual size: 2.4MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 208KB - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE