Static task
static1
Behavioral task
behavioral1
Sample
9ad2c556919da64ffb076e27089756753d9a55ebc9c177dfa9c344e0e48296a6.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
9ad2c556919da64ffb076e27089756753d9a55ebc9c177dfa9c344e0e48296a6.exe
Resource
win10v2004-20240426-en
General
-
Target
9ad2c556919da64ffb076e27089756753d9a55ebc9c177dfa9c344e0e48296a6
-
Size
256KB
-
MD5
55e8abc5d646319843c6c4a07e505d08
-
SHA1
c46ca2c1a0c11f44f49c285eca62841205b5c402
-
SHA256
9ad2c556919da64ffb076e27089756753d9a55ebc9c177dfa9c344e0e48296a6
-
SHA512
598a8c8f9a8ed85119d36c43785b763961148eef03c2ce08295942fcae3a52dc3f69589e32b344685f2540e95ad07afe4695e403961718e40c922f7a725f4515
-
SSDEEP
6144:rqppuGRYx4H712f/SBTpzZA6rXD40b+7TJq:rqpNtb1YIp9AI4Fq
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9ad2c556919da64ffb076e27089756753d9a55ebc9c177dfa9c344e0e48296a6
Files
-
9ad2c556919da64ffb076e27089756753d9a55ebc9c177dfa9c344e0e48296a6.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
NDltoTPW Size: - Virtual size: 76KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tJrdyPER Size: 177KB - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE