Behavioral task
behavioral1
Sample
d3c4572cd281a36e4da4c0a736f83c92.dll
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d3c4572cd281a36e4da4c0a736f83c92.dll
Resource
win10v2004-20240226-en
General
-
Target
d3c4572cd281a36e4da4c0a736f83c92
-
Size
16KB
-
MD5
d3c4572cd281a36e4da4c0a736f83c92
-
SHA1
d7e59028fc77acd18bc692a2b3d2efb8e7cbc087
-
SHA256
3b0097183b2e3030197abf030e8c3ec003e939c197db5103bcc9c507bb3bc207
-
SHA512
79e8863947e2639f57d18bf7b40b469d6321c462fcd79765e5563f2c02cc71fd54790d629590ee90ec737eb19bb5af95e935438e603e9f1faa0681cd3af6d842
-
SSDEEP
384:ndDESMeMa6fnOWTEoA6Xp72ktzh3hT8Ov:dIiMJv7T+WpyOFhA4
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource d3c4572cd281a36e4da4c0a736f83c92 unpack001/out.upx
Files
-
d3c4572cd281a36e4da4c0a736f83c92.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
UPX0 Size: - Virtual size: 48KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 13KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.dll windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Sections
.text Size: 28KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ