_MyFunc128@4
_MyFunc48@4
Behavioral task
behavioral1
Sample
62cb8ffcd08fadd1ea237743e3d45715e1cd980060996e8f6e57e03f2b6eef52.exe
Resource
win7-20240221-en
Target
62cb8ffcd08fadd1ea237743e3d45715e1cd980060996e8f6e57e03f2b6eef52
Size
545KB
MD5
40fb348c1092ed74766def033e31a413
SHA1
a67589149215ec3ed06a6572bceb79af90f6b6a0
SHA256
62cb8ffcd08fadd1ea237743e3d45715e1cd980060996e8f6e57e03f2b6eef52
SHA512
a90da55944759c98f434d7ce8f81996d4dff537dd48526d48a32def753cdf54640551e12d7fda31a917ec6cf5e8e502fc6c4734551a9044f8f73ba94738dee17
SSDEEP
12288:mSAF2Na9oopVqwFG4qOdIDfo1jWDfXPPPnz76AhXBFJ:mOa9oG3FG4qPfoIDf/Pb7XXBn
Processes:
resource | yara_rule |
---|---|
sample | UPX |
Processes:
resource | yara_rule |
---|---|
sample | upx |
Checks for missing Authenticode signature.
Processes:
resource |
---|
62cb8ffcd08fadd1ea237743e3d45715e1cd980060996e8f6e57e03f2b6eef52 |
unpack001/out.upx |
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
_MyFunc128@4
_MyFunc48@4
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ