Behavioral task: behavioral1
Sample: 747b80deca45767fa87c99276663c4463063c8a77b79b029ce32e40a6306cca7.exe
Resource: win7-20240508-en
General
Target: 747b80deca45767fa87c99276663c4463063c8a77b79b029ce32e40a6306cca7
Size: 334KB
MD5: 574856122a15d14c8e093700944bb541
SHA1: 552f154f05b7d11d7fb474c5b9a8dfd4a4a25699
SHA256: 747b80deca45767fa87c99276663c4463063c8a77b79b029ce32e40a6306cca7
SHA512: 159a9813a684b1195a68e81c1cd45c582105a8cc0ed61dfbb6b94462c8feba81339b8f5624dda02869e33afa4c68b689f016d25972c36819b14e466cce016f07
SSDEEP: 6144:rcm4FmowdHoSphraHcpOaKHpXfRo0V8JcgE+ezpg1i/0:x4wFHoS3eFaKHpv/VycgE8o0
Malware Config
Signatures
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule sample UPX -
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 747b80deca45767fa87c99276663c4463063c8a77b79b029ce32e40a6306cca7
Files
747b80deca45767fa87c99276663c4463063c8a77b79b029ce32e40a6306cca7.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tkjdelw Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE