Behavioral task
behavioral1
Sample
9ba239f5b18c8b83ebf8f16b33e7e0064ae15d5e9d637d9705d35c1b9ed7efbd.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9ba239f5b18c8b83ebf8f16b33e7e0064ae15d5e9d637d9705d35c1b9ed7efbd.exe
Resource
win10v2004-20240226-en
General
-
Target
9ba239f5b18c8b83ebf8f16b33e7e0064ae15d5e9d637d9705d35c1b9ed7efbd
-
Size
851KB
-
MD5
d77ab18e52f02b39a7b32623297323e9
-
SHA1
53654b0e5d912ff10402dc3e5af937efc813b40e
-
SHA256
9ba239f5b18c8b83ebf8f16b33e7e0064ae15d5e9d637d9705d35c1b9ed7efbd
-
SHA512
97d555fff47c46666a7bdcb800354bdafbc06eed107c5cd474818940aec5eebcd5887402a250f5ee5d859c27d754103e2d18888a2c1735797882cb7167bc48cb
-
SSDEEP
24576:lU5swJ77zVkBut7BKl1bwlWunyFkxyXRuhU7/E:+5FZCBunKlJ2y+oE
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9ba239f5b18c8b83ebf8f16b33e7e0064ae15d5e9d637d9705d35c1b9ed7efbd
Files
-
9ba239f5b18c8b83ebf8f16b33e7e0064ae15d5e9d637d9705d35c1b9ed7efbd.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_NO_SEH
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 60KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.g Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.qhw Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE