Behavioral task
behavioral1
Sample
d79fc4a249d37f4ff8025a18acba9886.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
d79fc4a249d37f4ff8025a18acba9886.exe
Resource
win10v2004-20240319-en
General
-
Target
d79fc4a249d37f4ff8025a18acba9886
-
Size
133KB
-
MD5
d79fc4a249d37f4ff8025a18acba9886
-
SHA1
2ab49144fbd5783e3909aee9c82cf74494c88092
-
SHA256
5f0f44c9fb658329fcd24fde69e905f11637d40eeb8c484d3756a877fbe79ba6
-
SHA512
84a25d94993951079862534d2c9681dcd30abf97a8d01ea1407149168454a9bfc3a4ad7c5e7594663ab536c4a8ae97fdac26afe0a905e20d0c8ca963a1ee1347
-
SSDEEP
3072:4wT6hiHOksw/bAmwsewqWBIDiNH34PACrFOUB+IyQ:XmhiHsw/bqsBqJDFhNHyQ
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d79fc4a249d37f4ff8025a18acba9886
Files
-
d79fc4a249d37f4ff8025a18acba9886.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 396KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 131KB - Virtual size: 132KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE