Behavioral task
behavioral1
Sample
74cb0d4e1d03a4b67f75e0a3bfa1170b18d425d5e30570d348dcbd38f1ca8551.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
74cb0d4e1d03a4b67f75e0a3bfa1170b18d425d5e30570d348dcbd38f1ca8551.exe
Resource
win10v2004-20240508-en
General
-
Target
74cb0d4e1d03a4b67f75e0a3bfa1170b18d425d5e30570d348dcbd38f1ca8551
-
Size
163KB
-
MD5
17bf9acc149e57816b1f9e2ea01db975
-
SHA1
3c8fbbe114e82e7f4899f416ba489fd6aef4e5df
-
SHA256
74cb0d4e1d03a4b67f75e0a3bfa1170b18d425d5e30570d348dcbd38f1ca8551
-
SHA512
cd8e225364144219b1eeab8c0d9bf479fdec8e046fd4a36493b592ba34ba6a4f9a4b5664cfcc85a3e9018e2e222ad63e6dd8eede5bd954e58cad1899a0ebfe82
-
SSDEEP
3072:+nyiQSo+xFiQSnJOIYTXof60qoYKQJdRXOiaXt5iVgmz:JiQSo2Vtof6zRjdpOL95y
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule sample UPX -
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 74cb0d4e1d03a4b67f75e0a3bfa1170b18d425d5e30570d348dcbd38f1ca8551
Files
-
74cb0d4e1d03a4b67f75e0a3bfa1170b18d425d5e30570d348dcbd38f1ca8551.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 21KB - Virtual size: 24KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE