Behavioral task
behavioral1
Sample
def683c29a3b6f683753d764793a9641.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
def683c29a3b6f683753d764793a9641.exe
Resource
win10v2004-20240226-en
General
-
Target
def683c29a3b6f683753d764793a9641
-
Size
347KB
-
MD5
def683c29a3b6f683753d764793a9641
-
SHA1
55c521f3ea84868cdc99c7a1ee01fabc956785a1
-
SHA256
93b7e45003493addae62be080d3b82f2472829bec0c96e956ba96977436a3155
-
SHA512
e6810bb0492edd2430b708a95e6904ed7e745aaf14f5cad3d5cffc57038a807a5e7b209489817c24faad99d211e1c091bda12dde47f4acb32b00008e602dda26
-
SSDEEP
6144:hGyGCamYcs+qHlKxp+lI78mc7s34pmdD2CWvHkSDFTih5owmXesY0:h3JamJfz7GAIpSDKvbhih5owmXesX
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource def683c29a3b6f683753d764793a9641
Files
-
def683c29a3b6f683753d764793a9641.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 56KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 24KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE