Behavioral task
behavioral1
Sample
cd0e5870dfeb2c4e57ccb4d79d8006e5.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
cd0e5870dfeb2c4e57ccb4d79d8006e5.exe
Resource
win10v2004-20240226-en
General
-
Target
cd0e5870dfeb2c4e57ccb4d79d8006e5
-
Size
206KB
-
MD5
cd0e5870dfeb2c4e57ccb4d79d8006e5
-
SHA1
49e5394285bd1275e4cad7a17c1e4d6a06fe9738
-
SHA256
42532bd537b2c526f5fe8e6937c4ee578ab137043ce7a1e0af4fc661c260d97b
-
SHA512
3dd5209855e3a5674aaf3a363a0ded0c67ebf5fe5e44000f01dc0f9b4bb01c144f0e054bc2c80dcbdd23b3cc6db1ef6fbe365e0610b9935639dac425e9757ba9
-
SSDEEP
3072:Vy0wMIf2j7PDCUjmu9h8u/chvJbi6EVBoapzfXQltob/MVJe0wxLwBvlfZ0d:6uOPHcoKrstQ6e0wh8fid
Malware Config
Signatures
-
YARA rule match: resource "sample" matched rule "upx" (consistent with the UPX0/UPX1 section names listed under Files).
-
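Unsigned PE (2 IoCs)
Checks for missing Authenticode signature. The check fired on both resources listed below, i.e. the submitted sample and the payload recovered by unpacking it.
Resources: cd0e5870dfeb2c4e57ccb4d79d8006e5, unpack001/out.upx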
Files
-
cd0e5870dfeb2c4e57ccb4d79d8006e5.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 120KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 198KB - Virtual size: 200KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
.text Size: 156KB - Virtual size: 155KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 145KB - Virtual size: 144KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ