Behavioral task
behavioral1
Sample
d41e8463e4935ef6ba2616174b54cc73.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
d41e8463e4935ef6ba2616174b54cc73.exe
Resource
win10v2004-20240226-en
General
-
Target
d41e8463e4935ef6ba2616174b54cc73
-
Size
120KB
-
MD5
d41e8463e4935ef6ba2616174b54cc73
-
SHA1
458d86079ab61aecb3debb8868966c26c20e87e9
-
SHA256
48fba76cfbb57a5ec146015cc111437c01f1c326af5f700ef806847be2985e07
-
SHA512
fda3e2f23d92229b260b807ac5afa18fcc976deaa334ccec33b19a1d6535dc0ecf38b71f7888d6dc30111951f152d4f0f57c165c5068fb401fa0b1bbb02236f4
-
SSDEEP
3072:KhTFOOZmV8Xu54D6abDGSnTsZYk26rDzqvtQCULaxx:KlBmgu54rf5TsZYk26XzitkA
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d41e8463e4935ef6ba2616174b54cc73
Files
-
d41e8463e4935ef6ba2616174b54cc73.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: - Virtual size: 172KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 118KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE