Static task: static1
Behavioral task: behavioral1 - Sample: c18318919937d441115758cd5b65f821f791af3ad4a47d8f679f40717157d1a6.exe - Resource: win7-20240221-en
Behavioral task: behavioral2 - Sample: c18318919937d441115758cd5b65f821f791af3ad4a47d8f679f40717157d1a6.exe - Resource: win10v2004-20240508-en
General
Target: c18318919937d441115758cd5b65f821f791af3ad4a47d8f679f40717157d1a6
Size: 118KB
MD5: 431ac29fcd9deabd011eb19a342e02e7
SHA1: 2d51bf3106a6a524ec5971f5f7c5910c9f478736
SHA256: c18318919937d441115758cd5b65f821f791af3ad4a47d8f679f40717157d1a6
SHA512: ed14e7186007bce33979a427251fef7ea254eabf374084014366b696bc0ae82ee545acfb8c9f89e6bb656ea7ee754ffd9b6e081b594c478bcdcf7ac161e6b57b
SSDEEP: 3072:4OjWuyt0ZsqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPb:4Is9OKofHfHTXQLzgvnzHPowYbvrjD/m
Malware Config
Signatures
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource: sample - yara_rule: UPX
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource: c18318919937d441115758cd5b65f821f791af3ad4a47d8f679f40717157d1a6
Files
c18318919937d441115758cd5b65f821f791af3ad4a47d8f679f40717157d1a6.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
ak10rkff Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
la08iyur Size: 39KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
l061chxn Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE