General
Target: Astrial.zip
Size: 474KB
MD5: ff55e1c8326239e9adbe7223f1f4564c
SHA1: d391539d6f60d4144494eb1365ea7a18041943bc
SHA256: f0da3fc6dc4bc0b3d370aad27e9cea3ddc26d28de092273af4ca374ecf208eea
SHA512: 07572986ff1c0b8cb11bda50072b2b6f821e725ce102a9209e4cfe7cad849238d00091ae3c1241ea2d2b79bd0c59eb90b1dae8ae9426e3d51fa5fc5e24c76e62
SSDEEP: 12288:Q62Yz6W5JvOwIsL3ttEqO4RQiRWNYeFV7ye+WWknXUQ:QgtDBLdTlRQiRYYe+CnXh
Malware Config
Signatures
resource: static1/unpack001/Astrial/Loader.exe
yara_rule: upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource: unpack001/Astrial/Loader.exe
Files
Astrial.zip (.zip)
Astrial/Loader.exe (.exe) windows:5 windows x64 arch:x64
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
UPX0 Size: - Virtual size: 872KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 446KB - Virtual size: 448KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 83KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE