Behavioral task
behavioral1
Sample
2bc36f2300e832f4b097cebaefadd6b706380545263f708a64d4583b80ea1fa9.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
2bc36f2300e832f4b097cebaefadd6b706380545263f708a64d4583b80ea1fa9.exe
Resource
win10v2004-20240419-en
General
-
Target
2bc36f2300e832f4b097cebaefadd6b706380545263f708a64d4583b80ea1fa9
-
Size
1.6MB
-
MD5
aab4e6e25d97577cf83dd062c914bf3a
-
SHA1
101e9b1da9636c58efff7890834943c347ae6e66
-
SHA256
2bc36f2300e832f4b097cebaefadd6b706380545263f708a64d4583b80ea1fa9
-
SHA512
8d794e089a09b8dbe864051e968d905aeccc02c63889c3309da1beb53cdc3227afd85f9f17b52bdeddc2ff3d597c6ca7bf925a121d1306a5c418111a391c9a84
-
SSDEEP
49152:AN+l0VfLyk2sUQ0P/V3B8oV8X9/tkaCT8Ir:/l0VfqxALkIM
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2bc36f2300e832f4b097cebaefadd6b706380545263f708a64d4583b80ea1fa9
Files
-
2bc36f2300e832f4b097cebaefadd6b706380545263f708a64d4583b80ea1fa9.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.edlwv Size: 68KB - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 36KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.oh Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE