Behavioral task
behavioral1
Sample
53e45b6ec98dbe7b442b15ef39fd1e2d46b8542a50a5c76ea1576b1927b965e8.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
53e45b6ec98dbe7b442b15ef39fd1e2d46b8542a50a5c76ea1576b1927b965e8.exe
Resource
win10v2004-20231215-en
General
-
Target
53e45b6ec98dbe7b442b15ef39fd1e2d46b8542a50a5c76ea1576b1927b965e8
-
Size
405KB
-
MD5
791fb13ae1c1a10ccf85f7635b6ea540
-
SHA1
83a016c80872df879536bd2b832ccc5377027908
-
SHA256
53e45b6ec98dbe7b442b15ef39fd1e2d46b8542a50a5c76ea1576b1927b965e8
-
SHA512
b2b0fd0d1b19e422d7e47a824cbd0c2cbc0d1a86b7524f33d61e1d856c35fe0458d1a32c65a8b57ef3276aace1be739dfdb11323bc011d9193910d884ed8f7a9
-
SSDEEP
12288:VEQoSFgJwAMswOO0jx52oQ68KNBuvTvr+9:VDgqAJFNjxIoQ6rwTj+9
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 53e45b6ec98dbe7b442b15ef39fd1e2d46b8542a50a5c76ea1576b1927b965e8
Files
-
53e45b6ec98dbe7b442b15ef39fd1e2d46b8542a50a5c76ea1576b1927b965e8.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_BIND
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 34KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.g Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.kxvu Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.psfx Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.fpugn Size: 512B - Virtual size: 4KB