Behavioral task: behavioral1
Sample: dbf83c93288ee67b74d4d4612131cad8.exe
Resource: win7-20240221-en
General
Target: dbf83c93288ee67b74d4d4612131cad8
Size: 3.1MB
MD5: dbf83c93288ee67b74d4d4612131cad8
SHA1: 5f11878711ee40049b3c5ea7f33d8904e19dab72
SHA256: 0740f6560068cb4a55206ca4c76ca52d0a338360c398fa7b18ae4ece20e90506
SHA512: 27c874f4ce647bc9eea60a28811e691a894cdf75104128f0371eac16f3aa9dcb474176054470b3b7904d87711acd58e5cc8fe599cbbf8a380f7af8d415ae34d8
SSDEEP: 98304:0dNIA2b8lIpIta0Icq+KPtYulORjiCSHwdlPtqM7RcS4FIKU21IEfrNdSf8x:0dNB4ianUstYuUR2CSHsVP8x
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource dbf83c93288ee67b74d4d4612131cad8
Files
-
dbf83c93288ee67b74d4d4612131cad8.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 4.5MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE