Behavioral task
behavioral1
Sample
b5a3fc40ba512220e4416a5631585174.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b5a3fc40ba512220e4416a5631585174.exe
Resource
win10v2004-20240226-en
General
-
Target
b5a3fc40ba512220e4416a5631585174
-
Size
855KB
-
MD5
b5a3fc40ba512220e4416a5631585174
-
SHA1
8834f01c9c00bcbbc93d4f5e4fedcfb7b661186e
-
SHA256
df15e5ec018f4eec472123ee5cef32d025a293acf7255e2fd75c9e0892240fb9
-
SHA512
964c380ebadd30b751088cab660590b33f67fb02bc5cf22570f50a0cd85bca2e04a705e3f658e46686413c25de0b5c3b173c85021e95299cc6f9b82f99084a65
-
SSDEEP
24576:SGBxCWL6YkgDdB17f9Ok/JSGRvYcFWHj:SGaWoQtTvVFq
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b5a3fc40ba512220e4416a5631585174
Files
-
b5a3fc40ba512220e4416a5631585174.exe windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 5.3MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 837KB - Virtual size: 840KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE