Behavioral task: behavioral1
Sample: df8148fdbea45757019f03995d757ea0.exe
Resource: win7-20240221-en
General
Target: df8148fdbea45757019f03995d757ea0
Size: 4.5MB
MD5: df8148fdbea45757019f03995d757ea0
SHA1: a256b2e83795191d622d1355c11b105c9ee7274c
SHA256: 98f443fa7605c0ca0ff2aac8bdd71654a31c43e447e8d1d882bffd2776a71ccf
SHA512: 9316d822787e3c7211ab0c02ee7f2ffad23bf2c98d17c765f0a50f3203e528c8d8d224f47a8151581b2e116d1ac9543f9232d7ab5462e3501b1963e5425b10ef
SSDEEP: 98304:0dNIA2b8lIpIta0Icq+KPtYulORjiCSHwdlPtqM7RcS4FIKU21IEfrNdSf81:0dNB4ianUstYuUR2CSHsVP81
Malware Config
Signatures
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource df8148fdbea45757019f03995d757ea0
Files
df8148fdbea45757019f03995d757ea0.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 4.5MB - Virtual size: 4.5MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 3.1MB - Virtual size: 3.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE