Behavioral task
behavioral1
Sample
362186d413065eb2edf89ba5d65e040258f5cded740fba4d26e58ca646845e14.exe
Resource
win7-20240221-en
General
-
Target
362186d413065eb2edf89ba5d65e040258f5cded740fba4d26e58ca646845e14
-
Size
159KB
-
MD5
68531c0e5fa976e450233a04e5b1c1cb
-
SHA1
bda6df68b6491e094d98c7f6626b0ca1611da3bb
-
SHA256
362186d413065eb2edf89ba5d65e040258f5cded740fba4d26e58ca646845e14
-
SHA512
51a949a5959c289d00a389860f45fc8f1a1f9704f6f4af09d1f11ac94c9f98b193903507a8bef3bbb57b65df4fe38adb160fc6c9b80142d4e89a8a3a4b174c23
-
SSDEEP
3072:xhOmTsF93UYfwC6GIout0fmCiiiXAQ5lpBoGYwNNhu0CzhKPDNuBSp:xcm4FmowdHoSgWrXF5lpKGYV0wh6D9p
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 362186d413065eb2edf89ba5d65e040258f5cded740fba4d26e58ca646845e14
Files
-
362186d413065eb2edf89ba5d65e040258f5cded740fba4d26e58ca646845e14.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE