Behavioral task
behavioral1
Sample
cf3c0fcfa000b6dcd912b7f1f9ebeb6e5b796db1c1658f4f031c7ee1cbb32b05.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
cf3c0fcfa000b6dcd912b7f1f9ebeb6e5b796db1c1658f4f031c7ee1cbb32b05.exe
Resource
win10v2004-20240508-en
General
-
Target
cf3c0fcfa000b6dcd912b7f1f9ebeb6e5b796db1c1658f4f031c7ee1cbb32b05
-
Size
202KB
-
MD5
88ed5b2bd370216c2fc35b368918ebe1
-
SHA1
b17cb3073dab00db6386edfeff34cffc4ee89983
-
SHA256
cf3c0fcfa000b6dcd912b7f1f9ebeb6e5b796db1c1658f4f031c7ee1cbb32b05
-
SHA512
e251a6babf78269a4065c5fc965043bfe27f2cb91f57453461de74cf48d27365baa100aa59bf4346cee6d3c679151b82cea9e56dacd2d686ae5c9d5fc2e83630
-
SSDEEP
3072:+nymCAIuZAIuYSMjoqtMHfhf7H0WH0/6W2QZwKS7g:JmCAIuZAIuDMVtM/1H0WH0f2ZKS7g
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource cf3c0fcfa000b6dcd912b7f1f9ebeb6e5b796db1c1658f4f031c7ee1cbb32b05
Files
-
cf3c0fcfa000b6dcd912b7f1f9ebeb6e5b796db1c1658f4f031c7ee1cbb32b05.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 21KB - Virtual size: 24KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE