Behavioral task
behavioral1
Sample
b9ba36ca24fe595b3808d48352f3d6bb.exe
Resource
win7-20231129-en
General
-
Target
b9ba36ca24fe595b3808d48352f3d6bb
-
Size
600KB
-
MD5
b9ba36ca24fe595b3808d48352f3d6bb
-
SHA1
8d79e8fa69ef0e25d7c7f0179cbedaad1859dc05
-
SHA256
23afb0b6213acc88865b5f0171762412aa649fbf0bac0730ff899f910a10ffce
-
SHA512
3999e0eadd6996b3e50165c63883263e36a5d71342e621f4b81926a43c941d5e87bdefbd9e2f012e359cb6d042af40abbd9faa278b478649f702a5e0d9d430ff
-
SSDEEP
1536:vKAWuYAgiWhGe61SNzOJDFNEE3jexfWjIiiFtD3X51MAvkUfzykL0lOT818WDKUt:iAtYBfP6O0yE3jUWjIdFNH5eDCA
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b9ba36ca24fe595b3808d48352f3d6bb
Files
-
b9ba36ca24fe595b3808d48352f3d6bb.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: 548KB - Virtual size: 548KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 45KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 6KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE