Behavioral task
behavioral1
Sample
hey.exe
Resource
win10-20240221-en
General
-
Target
hey.exe
-
Size
377KB
-
MD5
7cde897048ba8e2cb8e83895bc1dc021
-
SHA1
c588b0097d2d4024905afbaa3278a3b418c3b77b
-
SHA256
8a6ebbd7f214304e7a045018a7871abe5cee5fca302c078e30a4e6da30b5ef3a
-
SHA512
5bb87d19ff19435ebe48014e5f4e4c272769ca8bb765382294af350b7bd29717fcaaa38225726e55c4885bfa1c2ce6def0879dfea289820327a8afa3c8f8aafe
-
SSDEEP
6144:txpqDW7CxijxIgWme7CDDeO95vcBuQUg3AMk+5hFtlKmiIrcsTyeX78l8aH9oSka:tPqDRlbhUTfaucAMk+5hLdxTjmoSV
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource hey.exe
Files
-
hey.exe.exe windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 508KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 303KB - Virtual size: 304KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 73KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE