Behavioral task
behavioral1
Sample
9b203c4af5a3ab5adfe832069c56b4e9a081e4e6ee60d31a424634c372f7c8c4.exe
Resource
win7-20240508-en
General
-
Target
9b203c4af5a3ab5adfe832069c56b4e9a081e4e6ee60d31a424634c372f7c8c4
-
Size
279KB
-
MD5
5e2618a5f6341ee8e81d757793baa90e
-
SHA1
3a688b7a85c0908bad64fc0f7f1a443cbd38b192
-
SHA256
9b203c4af5a3ab5adfe832069c56b4e9a081e4e6ee60d31a424634c372f7c8c4
-
SHA512
d9490e5ef3cf0ef030a1bc25f7959e9c69eaa5bbe8eeaf846ab7f4314e7520347719f98fd51ad4afc07b56eace87d2a833df5f1e8eb4a3e9a335106929be4c48
-
SSDEEP
6144:7cm4FmowdHoSoXSBcm4Vcm4FmowdHoSphra+cm4FMhraHcpOaKHpC:B4wFHoSoXW434wFHoS3eg4aeFaKHpC
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9b203c4af5a3ab5adfe832069c56b4e9a081e4e6ee60d31a424634c372f7c8c4
Files
-
9b203c4af5a3ab5adfe832069c56b4e9a081e4e6ee60d31a424634c372f7c8c4.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tkjdelw Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
wFKsTzMc Size: 2KB - Virtual size: 1KB
TpQSAAEF Size: 10KB - Virtual size: 9KB
ThVhzkYd Size: 4KB - Virtual size: 3KB
KmnfBuri Size: 3KB - Virtual size: 2KB
JIqCvmGH Size: 2KB - Virtual size: 1KB
mEXIzxyC Size: 1024B - Virtual size: 613B
qvqXTehX Size: 17KB - Virtual size: 16KB
lhasFVeD Size: 4KB - Virtual size: 3KB
fRFIGFTP Size: 67KB - Virtual size: 66KB
lDRvOevM Size: 24KB - Virtual size: 24KB