Behavioral task
behavioral1
Sample
20d5e1eae73e69ff16c3134ae05844f658800c79f1a941325c9d6a1120780e45.exe
Resource
win7-20240419-en
General
-
Target
20d5e1eae73e69ff16c3134ae05844f658800c79f1a941325c9d6a1120780e45
-
Size
80KB
-
MD5
d596bd7cb7a3f4772559cbb9733cfe33
-
SHA1
993778e74bc4f172b48c9455852f06bfff8bc2bd
-
SHA256
20d5e1eae73e69ff16c3134ae05844f658800c79f1a941325c9d6a1120780e45
-
SHA512
40dd43461c25405006539e6c6aea7adaacccd07eb6ee3b2851db029fc43f131e15edb1242c44f081a2461ef7d3159896c5db28e071f199c9bab7d749df32d6b4
-
SSDEEP
1536:zvQBeOGtrYS3srx93UBWfwC6Ggnouy8iT4+C2HVM1p6TQpKg:zhOmTsF93UYfwC6GIoutiTU2HVS6A
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule sample UPX -
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 20d5e1eae73e69ff16c3134ae05844f658800c79f1a941325c9d6a1120780e45
Files
-
20d5e1eae73e69ff16c3134ae05844f658800c79f1a941325c9d6a1120780e45.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE