Behavioral task: behavioral1
Sample: UMF.Installer.exe
Resource: win10v2004-20240426-es
General
Target: UMF.Installer_v0.53.9.zip
Size: 9.2MB
MD5: da9e6cfb4d9451c1cf3968729e1ef19e
SHA1: a2eb7cf4ad37086272d9ebd825d2cea66225f308
SHA256: fd1a21c9be37ab39428fd81f33d77af9a141d937f8468e7bbe75bd01be0ce5b8
SHA512: cff4948862402f9ad9e74c2ded2895b99b00c07e2212604218b16ccdba83403b580cfc6887327c6ebfb1d56c34b6895a9cc5f3fe066baffac9de28ba34ba4050
SSDEEP: 196608:WZWA7zCV/9v019ZzczuWLO0WxwscXBNLLmu:lq8/9vX3S0YwsSNL9
Malware Config
Signatures
Blackguard family
Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
Processes: resource unpack001/UMF.Installer.exe
Files
-
UMF.Installer_v0.53.9.zip.zip
-
UMF.Installer.exe.exe windows:4 windows x86 arch:x86
f34d5f2d4577ed6d9ceec516c1f5a744
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
mscoree
_CorExeMain
Sections
.text Size: 10.1MB - Virtual size: 10.1MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rsrc Size: 313KB - Virtual size: 312KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 12B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ