Behavioral task
behavioral1
Sample
7b76e18a52dbe61417ea9306be8f9abd547bfd02b1b1a6dc14e72499e3ca3ee7.exe
Resource
win7-20240221-en
General
-
Target
7b76e18a52dbe61417ea9306be8f9abd547bfd02b1b1a6dc14e72499e3ca3ee7
-
Size
441KB
-
MD5
b57c5e97a7e18f83f27b4d7daf9c337a
-
SHA1
bf8d8b18cb8facd7cf4996319d64c8a96bb27253
-
SHA256
7b76e18a52dbe61417ea9306be8f9abd547bfd02b1b1a6dc14e72499e3ca3ee7
-
SHA512
800b5aa9ab4db7d274e4f8a2168070e92a3717c8feacfe174a6c8209777f925664e6b02e155e05286aeb6df83ab9428483dc7f1bbff4a07f4e382c66337b35cb
-
SSDEEP
12288:M4wFHoSpg4wFHonR/nPF2LnFL4wF04wFK4wFK4wlu5:UrR/nPq
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule sample UPX -
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 7b76e18a52dbe61417ea9306be8f9abd547bfd02b1b1a6dc14e72499e3ca3ee7
Files
-
7b76e18a52dbe61417ea9306be8f9abd547bfd02b1b1a6dc14e72499e3ca3ee7.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tkjdelw Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
xACidIma Size: 5KB - Virtual size: 4KB
WZGvBGeW Size: 18KB - Virtual size: 18KB
ZQTCapqz Size: 41KB - Virtual size: 40KB
JQblyDyT Size: 6KB - Virtual size: 5KB
GIYlHWoB Size: 1KB - Virtual size: 1KB
YTJaEXpY Size: 512B - Virtual size: 489B
rdtNpjVC Size: 124KB - Virtual size: 123KB
hgvYuiJd Size: 5KB - Virtual size: 4KB
pPCQRmzf Size: 150KB - Virtual size: 149KB
QyqhpZZC Size: 30KB - Virtual size: 30KB