Behavioral task
behavioral1
Sample
4846e909d7b30362fcd5f63862db57a95af957aac890d86342bad7cc62b48499.exe
Resource
win7-20240220-en
General
-
Target
4846e909d7b30362fcd5f63862db57a95af957aac890d86342bad7cc62b48499
-
Size
408KB
-
MD5
068dd69f8e46929fa5752f77677eb95f
-
SHA1
a2f2327d68c4e7ddcb09880b464133ecb4b17e42
-
SHA256
4846e909d7b30362fcd5f63862db57a95af957aac890d86342bad7cc62b48499
-
SHA512
6b793a3879783d0456f0bebfb4ef7b5271903b92da889baaef51089233ee45ec7ca35b3927dbcb17fda8cb9fdfc84b8a87876c778f8fa900c23be542fb34eaa1
-
SSDEEP
12288:N4wFHoS/r4wnwFHoSv4R7OrxG4wFHoS/r4wFHoSPuulubE5:vOrx3g
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4846e909d7b30362fcd5f63862db57a95af957aac890d86342bad7cc62b48499
Files
-
4846e909d7b30362fcd5f63862db57a95af957aac890d86342bad7cc62b48499.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
BFgLIbEX Size: 3KB - Virtual size: 2KB
QnXpkTig Size: 33KB - Virtual size: 33KB
lpsKQfcd Size: 68KB - Virtual size: 68KB
IAXXUjfB Size: 11KB - Virtual size: 10KB
BYxNdCKT Size: 1024B - Virtual size: 705B
ggPtslcU Size: 512B - Virtual size: 145B
gSuhDEtL Size: 69KB - Virtual size: 68KB
EIkTLoST Size: 4KB - Virtual size: 3KB
vWiBGeZz Size: 99KB - Virtual size: 98KB
paAbaMLA Size: 28KB - Virtual size: 27KB