Behavioral task
behavioral1
Sample
83217cff9d3c59f4e9b7a7155af0f2784cec18015d0621f3cad8a5a2eefa6dd7.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
83217cff9d3c59f4e9b7a7155af0f2784cec18015d0621f3cad8a5a2eefa6dd7.exe
Resource
win10v2004-20240508-en
General
-
Target
83217cff9d3c59f4e9b7a7155af0f2784cec18015d0621f3cad8a5a2eefa6dd7
-
Size
1.4MB
-
MD5
1ec754bba5e0de5c868f7471aaf3087a
-
SHA1
60b131de77dd323629af4a75407317ba2bea98e1
-
SHA256
83217cff9d3c59f4e9b7a7155af0f2784cec18015d0621f3cad8a5a2eefa6dd7
-
SHA512
c1b245cae056ae0d5c04fa10bf5c19994adca676a83e13854902e66755417705ef49290916a5d136398e8262c3aa0fb0475e221567053bf7e173284aeea35710
-
SSDEEP
24576:xnhuqmUGcVo5/2cMbX7lCSAx4m/YZWjILnq0GIQzkTnQrk6n4In1ra6umzZi:FhuqmUGcVe9M77sDqjWjePQg56rtc
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 83217cff9d3c59f4e9b7a7155af0f2784cec18015d0621f3cad8a5a2eefa6dd7
Files
-
83217cff9d3c59f4e9b7a7155af0f2784cec18015d0621f3cad8a5a2eefa6dd7.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 34KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.qhx Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.sy Size: 512B - Virtual size: 4KB