Behavioral task
behavioral1
Sample
23d80bdcc5392733b0d78e819d77fa808c96f2d188e03614a1cd8e61aa425ab9.exe
Resource
win7-20240221-en
General
-
Target
23d80bdcc5392733b0d78e819d77fa808c96f2d188e03614a1cd8e61aa425ab9
-
Size
78KB
-
MD5
4f8effe171bcb70370659f59befbdf4f
-
SHA1
ce8a773f07d7e3619208bb147d7343d82ed37feb
-
SHA256
23d80bdcc5392733b0d78e819d77fa808c96f2d188e03614a1cd8e61aa425ab9
-
SHA512
f60e541a971a6f163199a49b1dc3729fbba2f360ab818b95ddfd9444e8cd18be39a0ac002d73ada9793c5c542d1be5fe0f5c7081347b9d246ede7f9837d6a46c
-
SSDEEP
1536:zvQBeOGtrYS3srx93UBWfwC6Ggnouy8iT4+C2HVM1p6TVg:zhOmTsF93UYfwC6GIoutiTU2HVS6u
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 23d80bdcc5392733b0d78e819d77fa808c96f2d188e03614a1cd8e61aa425ab9
Files
-
23d80bdcc5392733b0d78e819d77fa808c96f2d188e03614a1cd8e61aa425ab9.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE