Behavioral task
behavioral1
Sample
c658aab1c9b248ed3c8645dec61ba1ff.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
c658aab1c9b248ed3c8645dec61ba1ff.exe
Resource
win10v2004-20231215-en
General
-
Target
c658aab1c9b248ed3c8645dec61ba1ff
-
Size
1.9MB
-
MD5
c658aab1c9b248ed3c8645dec61ba1ff
-
SHA1
021098707e8521e3fcf1d95d5d7afa60859c0d7f
-
SHA256
482661f9bd2d4d6a84e0319593efa3386bd30ebfe460bd617b768b8ab77ffed7
-
SHA512
1da2f3eb76dbb5ab62e9f57c81f6bea4d4f573c6d27b40685dacf8b2a36a8bfeb2a4c7c84edca017b1b058f2378781b4a8d27587902e59733a3fb03ba1f8f0e0
-
SSDEEP
49152:LV7uNRXNxDbtL2tLYakOElMaFLkIITeqb:J4R9x3V2VYak7yeqb
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource c658aab1c9b248ed3c8645dec61ba1ff
Files
-
c658aab1c9b248ed3c8645dec61ba1ff.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 1.3MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 296KB - Virtual size: 296KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE