Behavioral task: behavioral1
Sample: e34deeb5758a7e4ab3928f4a732ea9a58dd1460d99bee57ae93465e793796400.exe
Resource: win7-20240508-en
General
Target: e34deeb5758a7e4ab3928f4a732ea9a58dd1460d99bee57ae93465e793796400
Size: 401KB
MD5: 22979a15b1ff6954f94c523fca40006b
SHA1: 24e61ee4786390b7deefc13ca8c206278ee7d3e8
SHA256: e34deeb5758a7e4ab3928f4a732ea9a58dd1460d99bee57ae93465e793796400
SHA512: b05393a55acafa50ce67d609135560a7bd11e78126d041faae4930e9af7d6bc8edbe30434dae7e476196a22ed3ca20d0e5979f9e17398f9d91b3d5813234ccc8
SSDEEP: 6144:Jcm4FmowdHoSEubDcAkOCOu0EajNVBZr6y2WXxLO1UqW9E3H:T4wFHoSEubD2P3H
Malware Config
Signatures
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule sample UPX -
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource e34deeb5758a7e4ab3928f4a732ea9a58dd1460d99bee57ae93465e793796400
Files
e34deeb5758a7e4ab3928f4a732ea9a58dd1460d99bee57ae93465e793796400.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ