Behavioral task
behavioral1
Sample
b7d80e6dbb9b4f13004a9a142f9f13bf.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
b7d80e6dbb9b4f13004a9a142f9f13bf.exe
Resource
win10v2004-20240226-en
General
-
Target
b7d80e6dbb9b4f13004a9a142f9f13bf
-
Size
1.2MB
-
MD5
b7d80e6dbb9b4f13004a9a142f9f13bf
-
SHA1
25c266ce414009a4c0bfb7b244e8a6b505e6d1f2
-
SHA256
3a4a3a7bea36d8a645e5863fcef8da6182f9b52ce1f746b5031ca19f5d424d02
-
SHA512
b275aa156052c1842c719c2bb990f299b6dea257412a1ecc39e77c0efd9b602a499d322e5ac60b992c322b20ff6212a16141a8f078dac60820d8148ef0f65f1c
-
SSDEEP
12288:+svn1SUcKkypI1wYmba4wvPqTzz++xPeWQm5h/EicaIGmba4wvPqTzz++xPeWQm:p1SBySItTzqjWX5pJOtTzqjWX
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b7d80e6dbb9b4f13004a9a142f9f13bf
Files
-
b7d80e6dbb9b4f13004a9a142f9f13bf.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 588KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 195KB - Virtual size: 196KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 107KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE