Behavioral task
behavioral1
Sample
9ef8e1bd065c95a7c24bbd7b2e31a326bf61e325b5b1a24c51c7b1bca07bc0e8.exe
Resource
win7-20240419-en
General
-
Target
9ef8e1bd065c95a7c24bbd7b2e31a326bf61e325b5b1a24c51c7b1bca07bc0e8
-
Size
379KB
-
MD5
8aad41aef25a2f63a1aabf01d34f130b
-
SHA1
cedc6bd99abe522e55908a3e6006464b32d4079e
-
SHA256
9ef8e1bd065c95a7c24bbd7b2e31a326bf61e325b5b1a24c51c7b1bca07bc0e8
-
SHA512
25a886db2867fc9610447cc8cfe7d353b4d55993da821c3b6d08700d4fc5264a9a6d51dad5016fa086db1f9f23d3f65a36759802c6c7badc2560b23b3483e915
-
SSDEEP
6144:Ocm4FmowdHoSsm4FIc1/cm4FmowdHoSsiNlcJcmHYC9/jvvfwL+TLPfSRcm4FVo6:w4wFHoSl4h4wFHoS24yTgL+zfu4/FHoy
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9ef8e1bd065c95a7c24bbd7b2e31a326bf61e325b5b1a24c51c7b1bca07bc0e8
Files
-
9ef8e1bd065c95a7c24bbd7b2e31a326bf61e325b5b1a24c51c7b1bca07bc0e8.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.code Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
RGmXTXEe Size: 3KB - Virtual size: 2KB
BgVjthbB Size: 19KB - Virtual size: 18KB
LnmJfTDD Size: 10KB - Virtual size: 9KB
AcYsIVBF Size: 7KB - Virtual size: 7KB
zHbboKbp Size: 2KB - Virtual size: 1KB
LpfzgeIY Size: 1024B - Virtual size: 650B
meaQkxgH Size: 94KB - Virtual size: 93KB
cgImBWwe Size: 512B - Virtual size: 457B
JmoZPGDh Size: 92KB - Virtual size: 92KB
TTYrWeoQ Size: 51KB - Virtual size: 50KB