Behavioral task
behavioral1
Sample
9c58fc1f9397fd7a5886077e314fd85c6b8018faae56492262604e732a8a819f.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
9c58fc1f9397fd7a5886077e314fd85c6b8018faae56492262604e732a8a819f.exe
Resource
win10v2004-20240226-en
General
-
Target
9c58fc1f9397fd7a5886077e314fd85c6b8018faae56492262604e732a8a819f
-
Size
286KB
-
MD5
dbe27a384021285b096678d0045b5cce
-
SHA1
0adc53a79708a80c87912618427aab0584b47636
-
SHA256
9c58fc1f9397fd7a5886077e314fd85c6b8018faae56492262604e732a8a819f
-
SHA512
10d77fc7f83e71d59a625b26329b79ec2216ea02c252c87fcdf51252c45c14069e5fd9ff17d8eafa6b83aae660d149a925ce9944d28160527333be65313035c4
-
SSDEEP
6144:NUdaUi2bHEdtTztaZHiCRoScL+p+FAr0eLKbCOJSCyY:NUdFH2txCCCRoScKpH2+kT
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9c58fc1f9397fd7a5886077e314fd85c6b8018faae56492262604e732a8a819f
Files
-
9c58fc1f9397fd7a5886077e314fd85c6b8018faae56492262604e732a8a819f.exe windows:6 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 504KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 184KB - Virtual size: 188KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 81KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE