Behavioral task
behavioral1
Sample
98808c42a4c9c9290318a06635444af01bb58ef8a6350aa5b76b75debed95d44.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
98808c42a4c9c9290318a06635444af01bb58ef8a6350aa5b76b75debed95d44.exe
Resource
win10v2004-20240508-en
General
Target
98808c42a4c9c9290318a06635444af01bb58ef8a6350aa5b76b75debed95d44
Size
215KB
MD5
60126e313b92276aca2444e5d1c4f328
SHA1
538f320f84655de2e4e6ef4f09f72e6215d4ef33
SHA256
98808c42a4c9c9290318a06635444af01bb58ef8a6350aa5b76b75debed95d44
SHA512
2823ef0c9ec9aa7f0197ac9a089ea106243079eb3a41b59924608318bd35a3bb2a9082a80122fa6e93ae8e6dededb14083ce057a0599c5bcb3b675d9e42cf167
SSDEEP
6144:JmCAIuZAIuDMVtM/wFWF+ctFXcVr2FWF+ctFXcVr32ZKS71:7AIuZAIuOFFWF+ctFXcVr2FWF+ctFXcK
Malware Config
Signatures
UPX dump on OEP (original entry point) 1 IoCs
resource: sample, yara_rule: UPX
resource: sample, yara_rule: upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 98808c42a4c9c9290318a06635444af01bb58ef8a6350aa5b76b75debed95d44
Files
98808c42a4c9c9290318a06635444af01bb58ef8a6350aa5b76b75debed95d44.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 21KB - Virtual size: 24KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE