Behavioral task
behavioral1
Sample
531b95fe1eaefced04870f97879693711e8923aae7cb451b834354c177aa6ca3.exe
Resource
win7-20231129-en
Behavioral task
behavioral2
Sample
531b95fe1eaefced04870f97879693711e8923aae7cb451b834354c177aa6ca3.exe
Resource
win10v2004-20240226-en
General
-
Target
531b95fe1eaefced04870f97879693711e8923aae7cb451b834354c177aa6ca3
-
Size
189KB
-
MD5
4ee24bc0c240edce7fae69b05278707e
-
SHA1
f9f15144994b50631b7666b2f59fcb72007b5175
-
SHA256
531b95fe1eaefced04870f97879693711e8923aae7cb451b834354c177aa6ca3
-
SHA512
0c8beefe50d40778cc94f80cc7886e4e27abd6c298d04ac19aead80bf130a033f4b75134b66d60da6bd026338e05a377daa5a9b06902baa79c9de1df4667a1e6
-
SSDEEP
3072:Dvs4dDXEGCLElz1Tj4mYWR/R4nkPR/1aVvlEldZn4kAnGbDeFM5Fh6QFtrUPE6aE:bPDLCL4Io5R4nM/4pedpcGfkMnQQPIPp
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 531b95fe1eaefced04870f97879693711e8923aae7cb451b834354c177aa6ca3
Files
-
531b95fe1eaefced04870f97879693711e8923aae7cb451b834354c177aa6ca3.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 56KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.bvxzt Size: 44KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.yno Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.vzkj Size: 512B - Virtual size: 4KB
.kemyz Size: 512B - Virtual size: 4KB