Behavioral task
behavioral1
Sample
401d53c2cfdb012d2df7cb50c22e26fdf65ce054a7e72265e6151473c0fe9a64.exe
Resource
win7-20240508-en
General
-
Target
401d53c2cfdb012d2df7cb50c22e26fdf65ce054a7e72265e6151473c0fe9a64
-
Size
367KB
-
MD5
617065ed1a10d50c0cca41b980b5ef39
-
SHA1
199ed43735a0d36745f9361023817af056f46297
-
SHA256
401d53c2cfdb012d2df7cb50c22e26fdf65ce054a7e72265e6151473c0fe9a64
-
SHA512
56e15f560e1606f9ed4952f3ad4afe3288a878e7a76057516a1d519c953243d909224ef23369e691cfb7bc541acd816c6abad5d4ff2879f0f34db52716387849
-
SSDEEP
6144:9cm4FmowdHoSdSyEAxyx/ZrTTr4qIMgE8Z:/4wFHoSQuxy3rTXIM18Z
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule sample UPX -
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 401d53c2cfdb012d2df7cb50c22e26fdf65ce054a7e72265e6151473c0fe9a64
Files
-
401d53c2cfdb012d2df7cb50c22e26fdf65ce054a7e72265e6151473c0fe9a64.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.code Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE