Behavioral task
behavioral1
Sample
03ed454deece2a3fb7c3731f01a1648386d2f0f088095701df387b42ce6a7378.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
03ed454deece2a3fb7c3731f01a1648386d2f0f088095701df387b42ce6a7378.exe
Resource
win10v2004-20240412-en
General
-
Target
03ed454deece2a3fb7c3731f01a1648386d2f0f088095701df387b42ce6a7378
-
Size
358KB
-
MD5
b098c4cf5bd4011c5adb73fe48406d11
-
SHA1
df26b7e869a526ad511771f3d67db1d78d4080e7
-
SHA256
03ed454deece2a3fb7c3731f01a1648386d2f0f088095701df387b42ce6a7378
-
SHA512
3d3d919a2e3926a3d3477833bad5642d32cd8510a00d54ce90234add79ac65e90f84c3bba27e0a906b37f590a56bc6373475cc7c3012dd377c73323433ce1702
-
SSDEEP
6144:EYZTfk3D6L0vwL4BUk++84R3qh0GQ43DkDgRD0ez+/UO85q+sBYfYVP:ESfCV0G/++84R3R03DkJeNO85qT
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 03ed454deece2a3fb7c3731f01a1648386d2f0f088095701df387b42ce6a7378
Files
-
03ed454deece2a3fb7c3731f01a1648386d2f0f088095701df387b42ce6a7378.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 380KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 224KB - Virtual size: 224KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 133KB - Virtual size: 136KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE