Behavioral task
behavioral1
Sample
103fbdcfb07e882d69150399b1762e85.exe
Resource
win7-20240215-en
Behavioral task
behavioral2
Sample
103fbdcfb07e882d69150399b1762e85.exe
Resource
win10v2004-20240319-en
General
-
Target
103fbdcfb07e882d69150399b1762e85
-
Size
775KB
-
MD5
103fbdcfb07e882d69150399b1762e85
-
SHA1
4a3d6508593b2a3e82dc7eb42d0729d68ff6d00a
-
SHA256
1a4d1944ad9bdb38bfffe115e256a82b665702d8113d7f03087c138bdbf4756c
-
SHA512
602d57c8f21538fd0936ba4d23fc0d749262a6da18a2e02b99a8028dff2f7c9432d042c16f2a08f53c863e82288e73f3337b5cff923dc35148fd6bdbdf2b8362
-
SSDEEP
24576:VEBRBwWhci9uhcLnrLXye7pZ1PFURkqfdWt:yBwWhJuhieeX14kqVE
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 103fbdcfb07e882d69150399b1762e85
Files
-
103fbdcfb07e882d69150399b1762e85.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_BIND
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 34KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.g Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.kxvu Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.psfx Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.fpugn Size: 512B - Virtual size: 4KB