Behavioral task
behavioral1
Sample
733e16ec56d2d88b286c948a4a57ffc7daa565ec35615c98e0267061e28436c4.exe
Resource
win7-20240221-en
General
-
Target
733e16ec56d2d88b286c948a4a57ffc7daa565ec35615c98e0267061e28436c4
-
Size
226KB
-
MD5
be72c4ef3a64ab95c1477a714b4ea41a
-
SHA1
84dac173c77136245295e2c8d945b549798e3731
-
SHA256
733e16ec56d2d88b286c948a4a57ffc7daa565ec35615c98e0267061e28436c4
-
SHA512
8e6a766c9881452fa5e894f150917498a52a0dcccf3f0d24e9810b621d63bc66206f9abcce944f787adecd7c08aae3472786e2d575b9a0ffc38d6402e6aa691c
-
SSDEEP
6144:Dcm4FmowdHoSkHcJkkcm4FmowdHoS2qOv7r+MubPtylc:p4wFHoSk0ky4wFHoS2nDr9ubQlc
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule sample UPX -
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 733e16ec56d2d88b286c948a4a57ffc7daa565ec35615c98e0267061e28436c4
Files
-
733e16ec56d2d88b286c948a4a57ffc7daa565ec35615c98e0267061e28436c4.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
EyFdkNMB Size: 4KB - Virtual size: 3KB
qJZJWmll Size: 11KB - Virtual size: 11KB
yNcfagim Size: 9KB - Virtual size: 8KB
YWKuDFQX Size: 4KB - Virtual size: 3KB
VndaDvKK Size: 1KB - Virtual size: 1KB
XLAkknhC Size: 1024B - Virtual size: 840B
IskJdSvw Size: 85KB - Virtual size: 85KB
qQzARcgW Size: 1KB - Virtual size: 1KB
TSnxvZda Size: 4KB - Virtual size: 3KB
TaKRxAoq Size: 7KB - Virtual size: 7KB