Behavioral task: behavioral1
Sample: bfbdec1affdb2a7b7c768d3d497f4820c06fd4d29cb37f4660705eb6c8907ca3.exe
Resource: win7-20240215-en
General
Target: bfbdec1affdb2a7b7c768d3d497f4820c06fd4d29cb37f4660705eb6c8907ca3
Size: 379KB
MD5: a265bc9e92c4b8eb03b73c4c407e5f19
SHA1: 4f551def9c1933dcb9089f051093eb6cd052ee10
SHA256: bfbdec1affdb2a7b7c768d3d497f4820c06fd4d29cb37f4660705eb6c8907ca3
SHA512: 183d4df53a3102d42639dd83a42bd3ac7e931c6c2539dffc0bcdfc878ec5580f3120db45d48aed90364efdec5b6acad6140cfd146c1b483ed2b9bf8a5fbdfef9
SSDEEP: 384:XqnuO1JCHYdHz4XpfHEI6/dDEPjaVC6fMbUyFm0tyXLBI89wvuAv1mwnA3Z3BXR0:Xqnum1F6/789ujYTyLylze70wi3BEmM
Malware Config
Signatures
UPX dump on OEP (original entry point): 1 IoCs
resource: sample, yara_rule: UPX
resource: sample, yara_rule: upx
Unsigned PE: 1 IoCs
Checks for missing Authenticode signature.
resource: bfbdec1affdb2a7b7c768d3d497f4820c06fd4d29cb37f4660705eb6c8907ca3
Files
bfbdec1affdb2a7b7c768d3d497f4820c06fd4d29cb37f4660705eb6c8907ca3.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 64KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 15KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 23KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE