Static task: static1
Behavioral task: behavioral1
Sample: 98314be4825f2c7d10644a2cdeccdcd8191690dbfdb514f3f9635ba31a075866.exe
Resource: win7-20240221-en
Behavioral task: behavioral2
Sample: 98314be4825f2c7d10644a2cdeccdcd8191690dbfdb514f3f9635ba31a075866.exe
Resource: win10v2004-20240226-en
General
Target: 98314be4825f2c7d10644a2cdeccdcd8191690dbfdb514f3f9635ba31a075866
Size: 41KB
MD5: 79e260a513f98d0e38814275ff375430
SHA1: 3b44c85110e60418d903e928142bf9bb30996995
SHA256: 98314be4825f2c7d10644a2cdeccdcd8191690dbfdb514f3f9635ba31a075866
SHA512: 95a210a5066a190ee4d251b05673918b8c836619f79e41c4c6a7dd228d13e26ede312ec81e5ded549c6e490fcbb5617c6d006d60503f71631fdee14e4d2d6b56
SSDEEP: 768:qeMc5VwWt1jDkbXdnTOyQxHFO+IxX2P5LIbbcPYir2lAqcdF0i09sy1+:qq5VwWDjDkdTRqHFOn8tIbbeYiuZIFS2
Malware Config
Signatures
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule sample UPX -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 98314be4825f2c7d10644a2cdeccdcd8191690dbfdb514f3f9635ba31a075866
Files
98314be4825f2c7d10644a2cdeccdcd8191690dbfdb514f3f9635ba31a075866.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
21c9vgob Size: - Virtual size: 76KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
2di2pzuw Size: 39KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
21whschz Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE