Behavioral task
behavioral1
Sample
dd94ba7eb3367d6a2402be698c3ca50b406c696ede8f0b8cf4cbb7be307f00df.exe
Resource
win7-20240221-en
General
-
Target
dd94ba7eb3367d6a2402be698c3ca50b406c696ede8f0b8cf4cbb7be307f00df
-
Size
4.8MB
-
MD5
b2802b411bbc19370643d24bf0b93c0c
-
SHA1
903cdcaa02c957dee79ffbd47dc74d514f294ba9
-
SHA256
dd94ba7eb3367d6a2402be698c3ca50b406c696ede8f0b8cf4cbb7be307f00df
-
SHA512
b4a1cd8971389708a924e730551d7cce00af42b8d3f6a2a820ae03f801a2e7fe4ad0283638c9f7a91a36fe6f2ba100d7e49bf2f860dff7aaf4866d0a54e4d757
-
SSDEEP
98304:BnTQ1u4sWhmKH0j+wFyra4m5Yzy57pG6fTjRjz/gehMN+dzjv1:BnTh4skmKHU+Za1H57zp/ghEzjv1
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dd94ba7eb3367d6a2402be698c3ca50b406c696ede8f0b8cf4cbb7be307f00df
Files
-
dd94ba7eb3367d6a2402be698c3ca50b406c696ede8f0b8cf4cbb7be307f00df.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 20.1MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 580KB - Virtual size: 584KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 67KB - Virtual size: 68KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE