Behavioral task: behavioral1
Sample: 2ee9ed56b8d6fbe90111abb28bf0c490.exe
Resource: win7-20240215-en
General
Target: 2ee9ed56b8d6fbe90111abb28bf0c490.bin
Size: 453KB
MD5: 2ee9ed56b8d6fbe90111abb28bf0c490
SHA1: e4a02b5c8df5fe62d9a5e6471c37eb30d71a73b8
SHA256: 47cc275e43ff1eefb2d432ef04d89621d2585c25c2be961c7872be19106603c9
SHA512: 2dea2cbc7b14738bbef498919c32e73943a8ec22794ab964b31a7a2ba101cea5fe46957094f2388678c5f68a368542974d926467c97e7a666794dec9cbd163dd
SSDEEP: 6144:rcm4FmowdHoSphraHcpOaKHpXfRo0V8JcgE+ezpg1xrloBNTNmU:x4wFHoS3eFaKHpv/VycgE81lg9
Malware Config
Signatures
resource: sample, yara_rule: upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource: 2ee9ed56b8d6fbe90111abb28bf0c490.bin
Files
2ee9ed56b8d6fbe90111abb28bf0c490.bin.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tkjdelw Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE