Behavioral task
behavioral1
Sample
11c2ca75d58b578ab03d4850f1e1cb2e48c8da31a74093b1ba7d18b88b91c862.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
11c2ca75d58b578ab03d4850f1e1cb2e48c8da31a74093b1ba7d18b88b91c862.exe
Resource
win10v2004-20240226-en
General
-
Target
11c2ca75d58b578ab03d4850f1e1cb2e48c8da31a74093b1ba7d18b88b91c862
-
Size
94KB
-
MD5
38d002ad7043ff10aec6e9459f7449ee
-
SHA1
b3c817168fed8780b0aed9885778d04cd1ed36e3
-
SHA256
11c2ca75d58b578ab03d4850f1e1cb2e48c8da31a74093b1ba7d18b88b91c862
-
SHA512
e380f0412c1524906209b6486f7c6b496efc00a7b0b19ad790880fc4b2cdcaaa1dac993283ef707d0dd4a8afd855522e43015d73f8a12805bba693fb645c23a6
-
SSDEEP
1536:bRVCaKgzbLc54hukfgvYnouy8v4DcV1Ayj4m/QWR/Rlq88vlnRqPR/1aViDRkn91:VjbLl/gvQoutv4DQ1Tj4mYWR/R4nkPRA
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 11c2ca75d58b578ab03d4850f1e1cb2e48c8da31a74093b1ba7d18b88b91c862
Files
-
11c2ca75d58b578ab03d4850f1e1cb2e48c8da31a74093b1ba7d18b88b91c862.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 36KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE