PyInit_index
Behavioral task
behavioral1
Sample
74df97c9fef381b84f38e9e30c33ff033a0d71b86e627543ec2aa04cbd6f62e9.dll
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
74df97c9fef381b84f38e9e30c33ff033a0d71b86e627543ec2aa04cbd6f62e9.dll
Resource
win10v2004-20240508-en
General
-
Target
74df97c9fef381b84f38e9e30c33ff033a0d71b86e627543ec2aa04cbd6f62e9.exe
-
Size
178KB
-
MD5
6a90655fb10b439af36ca98114d942f0
-
SHA1
ccac8ba84641257d897b629f63aa50d4ab8b0d2c
-
SHA256
74df97c9fef381b84f38e9e30c33ff033a0d71b86e627543ec2aa04cbd6f62e9
-
SHA512
3a7b581463f824bd6cf6e6c98178bfeab23020fc247c2c33018ad6778c00f43455724d406d9580ba0371fd1aa2bfa21a070b65d29b7fa48cf2a45ec5a7c44d08
-
SSDEEP
3072:CHUWIKU7Dc48gVL+zHBaQ5KgQghtZBNooJ+ZMjlGOByIjIAFsEOzkX:C0Bl7j3LEaQ0GhtTNzEGjlnBhOgX
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 74df97c9fef381b84f38e9e30c33ff033a0d71b86e627543ec2aa04cbd6f62e9.exe
Files
-
74df97c9fef381b84f38e9e30c33ff033a0d71b86e627543ec2aa04cbd6f62e9.exe.dll windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL
Exports
Exports
Sections
UPX0 Size: - Virtual size: 552KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 176KB - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE