Behavioral task
behavioral1
Sample
dd82e2358753b464b6295034a29997c585fa4fcc5b5f412aaa91dd42c743545a.exe
Resource
win7-20240508-en
Behavioral task
behavioral2
Sample
dd82e2358753b464b6295034a29997c585fa4fcc5b5f412aaa91dd42c743545a.exe
Resource
win10v2004-20240508-en
General
-
Target
dd82e2358753b464b6295034a29997c585fa4fcc5b5f412aaa91dd42c743545a
-
Size
36KB
-
MD5
9719dee8e6a6d23ca5a0143d410ddd6a
-
SHA1
523a5a148ea64b85f13c556d701c7cd1da046b5b
-
SHA256
dd82e2358753b464b6295034a29997c585fa4fcc5b5f412aaa91dd42c743545a
-
SHA512
7755db36e81dd1cb1151940746f1354d31ef3ad80d066ccc17276943d01b89b27084d31f2357573b7c903bba97b23c01fe85335934ff33acdbd5e91bb289885b
-
SSDEEP
768:EF6ih5nWLQF/NwwC/pS50BQifgvYnbcuyD7U:EF6S5WLiVwt/ZpfgvYnouy8
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule sample UPX -
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource dd82e2358753b464b6295034a29997c585fa4fcc5b5f412aaa91dd42c743545a
Files
-
dd82e2358753b464b6295034a29997c585fa4fcc5b5f412aaa91dd42c743545a.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.btnj Size: 34KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.t Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE