Behavioral task
behavioral1
Sample
0c5c5eaf9f6b807bb514135d3f3b70de847b12f52fe36d97b9349e291bdbf803.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
0c5c5eaf9f6b807bb514135d3f3b70de847b12f52fe36d97b9349e291bdbf803.exe
Resource
win10v2004-20240426-en
General
-
Target
0c5c5eaf9f6b807bb514135d3f3b70de847b12f52fe36d97b9349e291bdbf803
-
Size
1.6MB
-
MD5
bcefd26185cbc4ab0b9525652972913a
-
SHA1
b2ceebe0a27abda967309b25d9b103698db40fca
-
SHA256
0c5c5eaf9f6b807bb514135d3f3b70de847b12f52fe36d97b9349e291bdbf803
-
SHA512
7f0193ccce0f796b7eecc942d3661aecfaaf4c14d56782a0ec7a904a83584ea3a56ae0d0c9b3b5f93b71fc88f0bfe3231ed5af7e73f988fd2c6149634d54bbdd
-
SSDEEP
24576:VYgK84mc3oQNtuGKJneIez3s+5OHOY+1WFfjchp33CVZsH1jelgS4AhKjiCq:in8zQKneI43958O71WGSVZsHggSHKj6
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule sample UPX -
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 0c5c5eaf9f6b807bb514135d3f3b70de847b12f52fe36d97b9349e291bdbf803
Files
-
0c5c5eaf9f6b807bb514135d3f3b70de847b12f52fe36d97b9349e291bdbf803.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 36KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE