Behavioral task: behavioral1
Sample: 22373fb827369a8eda6c64d137ae74df5128bc5b1b0a2286a1a5b9fb17ee8e35.exe
Resource: win7-20240221-en
General
Target: 22373fb827369a8eda6c64d137ae74df5128bc5b1b0a2286a1a5b9fb17ee8e35
Size: 161KB
MD5: 58020396b6fc11bb318c0c51ab9a398c
SHA1: 05693d85c50e90ec845f5902861f63b9698bf570
SHA256: 22373fb827369a8eda6c64d137ae74df5128bc5b1b0a2286a1a5b9fb17ee8e35
SHA512: 88abb597884042427257a4b0ade7f4867c85cf6b5cd45719b30247d1e5848b7263fae9b504cb7b2680f85af115b87667f1889a6645c9cad57179b594149bdfce
SSDEEP: 3072:LhOmTsF93UYfwC6GIoutHt251UrRE9TTFP:Lcm4FmowdHoSHt251UriZFP
Malware Config
Signatures
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 22373fb827369a8eda6c64d137ae74df5128bc5b1b0a2286a1a5b9fb17ee8e35
Files
22373fb827369a8eda6c64d137ae74df5128bc5b1b0a2286a1a5b9fb17ee8e35.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE