Resubmissions
06-03-2024 05:58
240306-gpf5psdg44 7General
-
Target
b6ad4c4340f03740a7fecf4fafc8a7a8
-
Size
213KB
-
MD5
b6ad4c4340f03740a7fecf4fafc8a7a8
-
SHA1
cfba8548671685424f82b522b1f24006df9a72d3
-
SHA256
93c59b62f4c80090e540f9f9bba7775683a4aaf5dc2594e0a0700845d3f12393
-
SHA512
abef0de4f10be9dc2a5127e74923187f0df2544532ec31ed36dd9084df3a5e54e7456a7af9a9246dee0cb3e2012b88c83116c25e05613fa4343ec332d4c7fbcb
-
SSDEEP
3072:y62MonpU9tw04VQJM6216XzD8areAEP/lQgWu6OWVcoGgsmOKh/v6nv6DNy:T2MAU9yfoFn7qJ3lm8ct1RDU
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource b6ad4c4340f03740a7fecf4fafc8a7a8 unpack001/out.upx
Files
-
b6ad4c4340f03740a7fecf4fafc8a7a8.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 1.3MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 175KB - Virtual size: 176KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 37KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 191KB - Virtual size: 190KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 34KB - Virtual size: 33KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ