Behavioral task
behavioral1
Sample
6181c8242031695daf8a838d9174e718a56723721d34757653df38ea3a734ef5.exe
Resource
win7-20240220-en
General
-
Target
6181c8242031695daf8a838d9174e718a56723721d34757653df38ea3a734ef5
-
Size
271KB
-
MD5
56a1bb63d191ac770eaaa916b77eb3d3
-
SHA1
18b4f66877f9ba1d5c232312decd092ff639ebcb
-
SHA256
6181c8242031695daf8a838d9174e718a56723721d34757653df38ea3a734ef5
-
SHA512
ee8f8ba5aef4b01072cb5e9fcc433b1cfd4a063fc0056277b8ee4c707d8bbbd4e8855e734c2ccc53640b4583ebdf7590af17b8eed733b8cf40fdc522deb2b4c5
-
SSDEEP
6144:Ycm4FmowdHoSgWrXF5lpKGYV0aTk/BO0XJm4UEPOshN/xdKnvP48bml:e4wFHoSgWjdpKGATTk/jYIOWN/KnnPu
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6181c8242031695daf8a838d9174e718a56723721d34757653df38ea3a734ef5
Files
-
6181c8242031695daf8a838d9174e718a56723721d34757653df38ea3a734ef5.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE