Behavioral task
behavioral1
Sample
3943d6cc8d69bd8fe1723f6c29c9eca5a5588173bfc956136dd701a639b8f413.exe
Resource
win7-20240508-en
General
-
Target
3943d6cc8d69bd8fe1723f6c29c9eca5a5588173bfc956136dd701a639b8f413
-
Size
67KB
-
MD5
865b1d29c18464332be972fce66d637e
-
SHA1
fffe8d4efeba0697af096b1770a048ac244b5d54
-
SHA256
3943d6cc8d69bd8fe1723f6c29c9eca5a5588173bfc956136dd701a639b8f413
-
SHA512
7a74b6e102f05912ad7b72b3d264ff566321c10adf341f4eb66e5fa1bf68a8282522bbd27b53c0ec8187a29d2f6d2621d7e80bff27d633ff13e0880e9a9ec2e2
-
SSDEEP
1536:kvQBeOGtrYS3srx93UBWfwC6Ggnouy8p5yAXNYLIALUmYgQ:khOmTsF93UYfwC6GIoutpY4ALUm2
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3943d6cc8d69bd8fe1723f6c29c9eca5a5588173bfc956136dd701a639b8f413
Files
-
3943d6cc8d69bd8fe1723f6c29c9eca5a5588173bfc956136dd701a639b8f413.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tkjdelw Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE