Behavioral task
behavioral1
Sample
c78e9d2c2635369886bafe1988d1bdb5.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c78e9d2c2635369886bafe1988d1bdb5.exe
Resource
win10v2004-20240226-en
General
-
Target
c78e9d2c2635369886bafe1988d1bdb5.bin
-
Size
64KB
-
MD5
c78e9d2c2635369886bafe1988d1bdb5
-
SHA1
c481b34e1b6f9f3ec35d32e1a0c80a6eae91e64d
-
SHA256
991460ed5114ebe9e6d0e32a8f3d40199ab318702c4ae03a075ae4bbc2761f3f
-
SHA512
3080034350d9f94e420440cb53bbf5517fc80b897f3ed6d3176c775530eff08b8c527b44914474288973968cebeeda996f8250993794c58a54ed5a133e2ea77c
-
SSDEEP
768:zQz7yVEhs9+syJP6ntOOtEvwDpjFelaB7yBEY9Su8F5mLZ5K7T:zj+soPSMOtEvwDpj4kpmeLmU
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c78e9d2c2635369886bafe1988d1bdb5.bin
Files
-
c78e9d2c2635369886bafe1988d1bdb5.bin.exe windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 20KB - Virtual size: 32KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 10KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE