Behavioral task
behavioral1
Sample
c1e2592f994c7460003c6503b5aacad0158fc1136273203128e444123fade208.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c1e2592f994c7460003c6503b5aacad0158fc1136273203128e444123fade208.exe
Resource
win10v2004-20240226-en
General
-
Target
c1e2592f994c7460003c6503b5aacad0158fc1136273203128e444123fade208
-
Size
377KB
-
MD5
abf5120441a8f4c0b7fe9c9adeb3da2b
-
SHA1
e7c1eeb37461605f709e4455a5793d3511e49117
-
SHA256
c1e2592f994c7460003c6503b5aacad0158fc1136273203128e444123fade208
-
SHA512
473cc9dfa97403b92df2ced9bcac8f35ca8e72fb37c0c1575dd8b1ca8a45dcd9fd28e46dac44e081c0279b543ca974c033f103bfdbd11db783bbe71b01abd3eb
-
SSDEEP
6144:G72k0YujF59B+SNiT1SRws339pnPJ7ImcvKoSYxTz:0FxujX9B+lAb9ImhoSmTz
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c1e2592f994c7460003c6503b5aacad0158fc1136273203128e444123fade208
Files
-
c1e2592f994c7460003c6503b5aacad0158fc1136273203128e444123fade208.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 200KB - Virtual size: 200KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 167KB - Virtual size: 168KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE