Behavioral task
behavioral1
Sample
4c577b46f3d8d8796e967c2f3b7ea87287c348e26351485ab87a43e93c5edf4f.exe
Resource
win7-20240220-en
Behavioral task
behavioral2
Sample
4c577b46f3d8d8796e967c2f3b7ea87287c348e26351485ab87a43e93c5edf4f.exe
Resource
win10v2004-20240412-en
General
-
Target
4c577b46f3d8d8796e967c2f3b7ea87287c348e26351485ab87a43e93c5edf4f
-
Size
783KB
-
MD5
43feebc9c19853c315e029d4e73e6bf1
-
SHA1
ba805617b0e45d21bf4e41f26108486fa60f51cf
-
SHA256
4c577b46f3d8d8796e967c2f3b7ea87287c348e26351485ab87a43e93c5edf4f
-
SHA512
76accbdd98c94a0d303d9a8f9adbf4a5e5eb0cb2f2850eaa47e9cee7709d8c3bbe2aa62557d8d92168f93459bdc5122fe6c8088ca0952d9ea7d54a8e1f901339
-
SSDEEP
12288:hhkDgouVA2nxKkorvdRgQriDwOIxmxiZnYQE7PJcxoLiTdF:vRmJkcoQricOIQxiZY1aoLiTdF
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
AutoIT Executable 1 IoCs
AutoIT scripts compiled to PE executables.
resource yara_rule sample autoit_exe -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4c577b46f3d8d8796e967c2f3b7ea87287c348e26351485ab87a43e93c5edf4f
Files
-
4c577b46f3d8d8796e967c2f3b7ea87287c348e26351485ab87a43e93c5edf4f.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 472KB - Virtual size: 472KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 264KB - Virtual size: 268KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 29KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE