Behavioral task: behavioral1
Sample: f770ae8d12ddad0bcc9051b7e568afae3f5821922a761ecfb06441b98cda9cbf.exe
Resource: win7-20240508-en

Behavioral task: behavioral2
Sample: f770ae8d12ddad0bcc9051b7e568afae3f5821922a761ecfb06441b98cda9cbf.exe
Resource: win10v2004-20240508-en
General
Target: f770ae8d12ddad0bcc9051b7e568afae3f5821922a761ecfb06441b98cda9cbf
Size: 215KB
MD5: d3fe5b7d7a6c23338b14a0a94a2bd65f
SHA1: 8042386dc2f55a9cd039f698addedaa003c8dbf2
SHA256: f770ae8d12ddad0bcc9051b7e568afae3f5821922a761ecfb06441b98cda9cbf
SHA512: 850d48a823f169fcd4052566e47eb4024c3c53f77275635cf998f9c1fd35556efe4462ad5776e0de5edc755f6942df66a7347fd03b44f1ff9419a8102b530560
SSDEEP: 6144:b29vmuU5TiOljGegX7aftnRnhPTSCg+RdoSoCd:C1mP1l9EaVXTSL0doSo
Malware Config
Signatures
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource f770ae8d12ddad0bcc9051b7e568afae3f5821922a761ecfb06441b98cda9cbf
Files
f770ae8d12ddad0bcc9051b7e568afae3f5821922a761ecfb06441b98cda9cbf.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 688KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 179KB - Virtual size: 180KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 35KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE