Behavioral task
behavioral1
Sample
f9a07b5820823118d27c2673715c773a861bf9826354da6e4e77fa80cb78dc33.exe
Resource
win7-20240221-en
General
-
Target
f9a07b5820823118d27c2673715c773a861bf9826354da6e4e77fa80cb78dc33
-
Size
367KB
-
MD5
c0775051313ca9feeade793c7ca32f6a
-
SHA1
a3c00259faca2e487d1d8630738e757661d86d5b
-
SHA256
f9a07b5820823118d27c2673715c773a861bf9826354da6e4e77fa80cb78dc33
-
SHA512
0f2ebb1317a87489102332a20ec4da4c688df57e32c7638dc961c14fec626cad95b2f5235f310a4d48f64750287c704f4e46e8089f98243b8d4132ffe1bf81e7
-
SSDEEP
6144:kcm4FmowdHoSphraHcpOFltH4tiAlSpgFZAzwdjcIlSpgFZZr3GSM/xG:y4wFHoS3eFplAlSpgFZAKjcIlSpgFZZD
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule sample UPX -
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource f9a07b5820823118d27c2673715c773a861bf9826354da6e4e77fa80cb78dc33
Files
-
f9a07b5820823118d27c2673715c773a861bf9826354da6e4e77fa80cb78dc33.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tkjdelw Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE