Static task
static1
Behavioral task
behavioral1
Sample
2dcf982415010a9a93dd8919326258daf5865ad248de1e13cff81e2b1a22aa55.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2dcf982415010a9a93dd8919326258daf5865ad248de1e13cff81e2b1a22aa55.exe
Resource
win10v2004-20240226-en
General
-
Target
2dcf982415010a9a93dd8919326258daf5865ad248de1e13cff81e2b1a22aa55
-
Size
406KB
-
MD5
078aba95aa7a5f290cef84ed464f3577
-
SHA1
64bbc09de5c653d4a7e27fa5099cd94ebd4d3c48
-
SHA256
2dcf982415010a9a93dd8919326258daf5865ad248de1e13cff81e2b1a22aa55
-
SHA512
07d786712326897bbf1ce17e0b0807a79bf801fc5052f390e0f434a2d9c1868004b8318e78a0d680f1eb5c0aa9249d9706fd08da5aace7c55ef618df9ee86e7c
-
SSDEEP
12288:vdDU6g13sJd1fm/+yb3O2jg82ydU/DdKumy:vdE3sJd1fm/+yb3OYg84/JHJ
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule sample UPX -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 2dcf982415010a9a93dd8919326258daf5865ad248de1e13cff81e2b1a22aa55
Files
-
2dcf982415010a9a93dd8919326258daf5865ad248de1e13cff81e2b1a22aa55.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
.sfp Size: 221KB - Virtual size: 268KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.dny7 Size: 64KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 103KB - Virtual size: 104KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.nek Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.imports Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE