Behavioral task
behavioral1
Sample
76c3c45b93299ed0cfe2fa9c20b51f5307097c9ea88418b2024d95b5bf11c296.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
76c3c45b93299ed0cfe2fa9c20b51f5307097c9ea88418b2024d95b5bf11c296.exe
Resource
win10v2004-20240226-en
General
-
Target
76c3c45b93299ed0cfe2fa9c20b51f5307097c9ea88418b2024d95b5bf11c296
-
Size
497KB
-
MD5
1183f3ae6732abee2ac76d895c39b306
-
SHA1
4ad33b5709e7c37e36bf1f9e5e2f0560391a65db
-
SHA256
76c3c45b93299ed0cfe2fa9c20b51f5307097c9ea88418b2024d95b5bf11c296
-
SHA512
df1a76c63cffd2a92ec21eff8b3c7ad85fc275a0a981fd0e6045d765553740fd38b7cbf6cadcc174257e75f7b1c2c6763242b85500f7d4075f64520a9ce68ad7
-
SSDEEP
12288:CEQoSsLC1jmMe6D1FlxjN0YdVyb17Vsw0wkDXiIRwA:CrjmMtDHlx20YbJVswRcXiIRwA
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 76c3c45b93299ed0cfe2fa9c20b51f5307097c9ea88418b2024d95b5bf11c296
Files
-
76c3c45b93299ed0cfe2fa9c20b51f5307097c9ea88418b2024d95b5bf11c296.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.jxmnr Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.lpkez Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.g Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.d Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE