Resubmissions
15-04-2024 11:39
240415-nshk9sdd73 1015-04-2024 11:39
240415-nshahafg41 1015-04-2024 11:39
240415-nsgnzadd72 1015-04-2024 11:39
240415-nsf3fadd69 1015-04-2024 11:39
240415-nsffxadd68 1010-04-2024 05:03
240410-fpndcadd29 1010-04-2024 05:02
240410-fph4madd28 1010-04-2024 05:02
240410-fphsvsge5z 1010-04-2024 05:02
240410-fphg4age5y 1008-02-2023 19:06
230208-xr3z9aef82 10Behavioral task
behavioral1
Sample
2579be109c1035cb96942951710020a8.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2579be109c1035cb96942951710020a8.exe
Resource
win7-20240221-en
Behavioral task
behavioral3
Sample
2579be109c1035cb96942951710020a8.exe
Resource
win10-20240404-en
Behavioral task
behavioral4
Sample
2579be109c1035cb96942951710020a8.exe
Resource
win10v2004-20240412-en
General
-
Target
2579be109c1035cb96942951710020a8.exe
-
Size
147KB
-
MD5
2579be109c1035cb96942951710020a8
-
SHA1
6987472967c8ce5e3d5fd6730a9da2964afacd10
-
SHA256
a0a5ebd512b7685798ac966c0b05415df9eff585a79af11c9ff99d7aa17e2101
-
SHA512
191ea3d7edc69f1cb9d1ec4967074667c5e1c6b02fdaa8bbc5a4414bf5ca00ccafadc49670c5b3065133915d78e482572545f1d0c8c3382e6a767c1f08a33a21
-
SSDEEP
3072:9NuSXw/c4JHdNX8PAzCABaxg0r27f8EjQspDNJJAksa:9oSXw/hfNXmAzbYg02Ok
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 2579be109c1035cb96942951710020a8.exe unpack001/out.upx
Files
-
2579be109c1035cb96942951710020a8.exe.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 152KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 117KB - Virtual size: 120KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 89KB - Virtual size: 88KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 5KB - Virtual size: 15KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 111KB - Virtual size: 110KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ