Behavioral task
behavioral1
Sample
428d95253941ae338bf93068e7b6542067c534e2094072847fd5e54052e4698d.exe
Resource
win7-20240215-en
General
-
Target
428d95253941ae338bf93068e7b6542067c534e2094072847fd5e54052e4698d
-
Size
2.4MB
-
MD5
df28061ab44a62979191543d8730b61f
-
SHA1
bf1ee73f8d24070f40c1e6c5322037a2014ade2f
-
SHA256
428d95253941ae338bf93068e7b6542067c534e2094072847fd5e54052e4698d
-
SHA512
f41c4c96cc231546c95a835dfa00d1102bfc6380f718e51aee03c0b8bff30599af8c0e572db547c90c492a11a85f2c1f06f3960eb547bcea08561942e81a7d5a
-
SSDEEP
49152:YJy654tsdknypsDevA5XvRtxcfe/1yMpmiVtsp:YJy65wsjpsyIZvtdkM7Vt0
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 428d95253941ae338bf93068e7b6542067c534e2094072847fd5e54052e4698d
Files
-
428d95253941ae338bf93068e7b6542067c534e2094072847fd5e54052e4698d.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 9.7MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 2.3MB - Virtual size: 2.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE