Behavioral task
behavioral1
Sample
cb24bb8e5733a7f48fecdd6b9c176e74.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
cb24bb8e5733a7f48fecdd6b9c176e74.exe
Resource
win10v2004-20240226-en
General
-
Target
cb24bb8e5733a7f48fecdd6b9c176e74
-
Size
151KB
-
MD5
cb24bb8e5733a7f48fecdd6b9c176e74
-
SHA1
118cfba90402d4198f23ab60bbc39444f94f1193
-
SHA256
14dee2c3a5547e2b6753464bb5f2a703069819d4c239ef9062638ab52d26d840
-
SHA512
93966c9444da768c70eea3c8ccf6372ec41094202c48c07855a86a64b0c985a086908966f556ac483a449b476faac7c9ab801c9b3c42189355c1cf380677277e
-
SSDEEP
3072:YVLh6duYsR68Gp2GugO2MVpKXYX8lydFCtRDKzVZ3:GLAsWR0bgPMjBFcRuzVR
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource cb24bb8e5733a7f48fecdd6b9c176e74 unpack001/out.upx
Files
-
cb24bb8e5733a7f48fecdd6b9c176e74.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 64KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 21KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 72KB - Virtual size: 69KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ