Behavioral task
behavioral1
Sample
SecuriteInfo.com.W32.PossibleThreat.2648.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
SecuriteInfo.com.W32.PossibleThreat.2648.exe
Resource
win10v2004-20240226-en
General
-
Target
SecuriteInfo.com.W32.PossibleThreat.2648.19857
-
Size
479KB
-
MD5
537ab5e19e9158ffcac825558a1e0191
-
SHA1
45c65947a3da15a6dd654d59609d00ba2b6fa598
-
SHA256
d54997e6a5f3f945ea8c6fad8801ff867d29c748c8bede4bca1a76dc761f29f5
-
SHA512
57c2196d9ea64318e95beae11ec069f238d96a26d41ff51f65c70859a6347dc8c1fb8bf802756bce4896be53c1c62aaa51030270470a71d7d27cb19c13199f66
-
SSDEEP
12288:UxY5n4EotJvYvt66jYNNN3doSOauP72dR:UK5eYY6jYfN3Ps2dR
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource SecuriteInfo.com.W32.PossibleThreat.2648.19857
Files
-
SecuriteInfo.com.W32.PossibleThreat.2648.19857.exe windows:6 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 724KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 371KB - Virtual size: 372KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 107KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE