Behavioral task
behavioral1
Sample
9b2e6821b6fc4c8b6c384412ebf3ea74944ee88c48212376080431bb6d7211ff.exe
Resource
win7-20231129-en
General
-
Target
9b2e6821b6fc4c8b6c384412ebf3ea74944ee88c48212376080431bb6d7211ff
-
Size
278KB
-
MD5
2d06a855677f7408136f7ee06e75a820
-
SHA1
e366d0a1dc60e21b010d650e8c596b4bbfd92073
-
SHA256
9b2e6821b6fc4c8b6c384412ebf3ea74944ee88c48212376080431bb6d7211ff
-
SHA512
ea5c948e2899d095ed446cbe725a2079110445200021bda638b56c69ae06d5a08c4496717134e534db18bddf970c7714b6e6d51ff8da870f7fa5441e722ff5f4
-
SSDEEP
6144:7cm4FmowdHoSoXSBcm4Vcm4FmowdHoSphra+cm4FMhraHcpOaKHpg:B4wFHoSoXW434wFHoS3eg4aeFaKHpg
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 9b2e6821b6fc4c8b6c384412ebf3ea74944ee88c48212376080431bb6d7211ff
Files
-
9b2e6821b6fc4c8b6c384412ebf3ea74944ee88c48212376080431bb6d7211ff.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tkjdelw Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
wFKsTzMc Size: 2KB - Virtual size: 1KB
TpQSAAEF Size: 10KB - Virtual size: 9KB
ThVhzkYd Size: 4KB - Virtual size: 3KB
KmnfBuri Size: 3KB - Virtual size: 2KB
JIqCvmGH Size: 2KB - Virtual size: 1KB
mEXIzxyC Size: 1024B - Virtual size: 613B
qvqXTehX Size: 17KB - Virtual size: 16KB
lhasFVeD Size: 4KB - Virtual size: 3KB
fRFIGFTP Size: 67KB - Virtual size: 66KB
lDRvOevM Size: 24KB - Virtual size: 24KB