Behavioral task
behavioral1
Sample
e0827d842740a10fb8294ec14a55d25b.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
e0827d842740a10fb8294ec14a55d25b.exe
Resource
win10v2004-20240226-en
General
-
Target
e0827d842740a10fb8294ec14a55d25b
-
Size
204KB
-
MD5
e0827d842740a10fb8294ec14a55d25b
-
SHA1
040dce13eb4cf49a7f4819bc7635963e2256c9ac
-
SHA256
1c170cb567b60f975015bfe7f57ed44ffadbad0302be6f68ad8dbea3b772cb35
-
SHA512
5c6cdef8bb913acf80485582b840c3723f6d6635f10c0172216ea1491f0404bf5f225917d20650a8696ee383bfc49a409aac2726000d885779c45dd87cd3f668
-
SSDEEP
6144:3gHSgHabX6ZBl60FS9RGJbTRJg9Kdu3nBS1WzYJ:3gHSgHaWZBM0oLG9RJg/s5J
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource e0827d842740a10fb8294ec14a55d25b
Files
-
e0827d842740a10fb8294ec14a55d25b.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 488KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 269KB - Virtual size: 272KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 48KB - Virtual size: 48KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE