Static task: static1
Behavioral task: behavioral1
  Sample: ec85cbbfbc8d395fc900553c4689ca0d08c8d389c5b4f8d87d27b7e03e2208b2.exe
  Resource: win7-20240215-en
Behavioral task: behavioral2
  Sample: ec85cbbfbc8d395fc900553c4689ca0d08c8d389c5b4f8d87d27b7e03e2208b2.exe
  Resource: win10v2004-20240412-en
General
Target: ec85cbbfbc8d395fc900553c4689ca0d08c8d389c5b4f8d87d27b7e03e2208b2
Size: 2.0MB
MD5: bf754cbfa244d51520fa1f5417de3f13
SHA1: 4e89785cb3bf11c91af6ab5d61dcae920437a13e
SHA256: ec85cbbfbc8d395fc900553c4689ca0d08c8d389c5b4f8d87d27b7e03e2208b2
SHA512: b3299ce7a290578aeeff3cda2cda0163ad69de32bee4334cac2049f85097f5a5f542b74b54f49400986391d82b16c3228b728c60fe76999bd566c073d95c0c3f
SSDEEP: 49152:vegatAlEREqsM3RpNlezse6EjCY6drP2zAMQ80anyhu3Ps:latAlEChMz4rD6DsAMQ80N83U
Malware Config
Signatures
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource ec85cbbfbc8d395fc900553c4689ca0d08c8d389c5b4f8d87d27b7e03e2208b2
Files
ec85cbbfbc8d395fc900553c4689ca0d08c8d389c5b4f8d87d27b7e03e2208b2.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
HWAxCMck Size: - Virtual size: 64KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
DrtWJgcR Size: 40KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
�� Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE