Behavioral task: behavioral1
Sample: d5b5c21718c811457ae225e2ff7d2a13a463114d3bfce8d31a70e7a6a26153a4.exe
Resource: win7-20240220-en
Behavioral task: behavioral2
Sample: d5b5c21718c811457ae225e2ff7d2a13a463114d3bfce8d31a70e7a6a26153a4.exe
Resource: win10v2004-20240419-en
General
Target: d5b5c21718c811457ae225e2ff7d2a13a463114d3bfce8d31a70e7a6a26153a4
Size: 1.6MB
MD5: 63726ad9ffe5f7242dde95cfaf56a473
SHA1: 95efe974a4107d4974f5398f34007acdb4768ba4
SHA256: d5b5c21718c811457ae225e2ff7d2a13a463114d3bfce8d31a70e7a6a26153a4
SHA512: 0a7056ecbbb8bbe36501fd3270a2a740c0e0273ce9e6c35ba0837b3abb87e9c37e621dcccac0d3638cb3d9e726495ccc25107ed4bf9396d5185ca8f945519847
SSDEEP: 24576:VvcxIjH+lVwY+vFU401bWwwdPjNZBMV2gQieJKpSsvXhJOwFKIX8c3HlYYc8n:kIDYKY+i4IVwlPBMxZ6eSsJ8DM8c3lYc
Malware Config
Signatures
UPX dump on OEP (original entry point) (1 IoCs)
resource: sample, yara_rule: UPX
resource: sample, yara_rule: upx
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: d5b5c21718c811457ae225e2ff7d2a13a463114d3bfce8d31a70e7a6a26153a4
Files
d5b5c21718c811457ae225e2ff7d2a13a463114d3bfce8d31a70e7a6a26153a4.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 36KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE