Behavioral task
behavioral1
Sample
a21bfb015a6838c94a4ad78d527ec80b234be91bd12eb55efb85c6bf93a3a2be.exe
Resource
win7-20240508-en
General
-
Target
a21bfb015a6838c94a4ad78d527ec80b234be91bd12eb55efb85c6bf93a3a2be
-
Size
401KB
-
MD5
5572dc8a116e6bd5d18b0828c8e79dbb
-
SHA1
1eda486b434da4e6f08fdfbdff77b989af2e1281
-
SHA256
a21bfb015a6838c94a4ad78d527ec80b234be91bd12eb55efb85c6bf93a3a2be
-
SHA512
b7bc942c381b05db7ac0f2a264d074e72fb341ebb8d790e48e70f140a36659675ffde29973ac553cd0324e28dd8b3f57693a388fa025a18eae44e3891e40a602
-
SSDEEP
6144:Jcm4FmowdHoSEubDcAkOCOu0EajNVBZr6y2WXxLO1UqW9E3q:T4wFHoSEubD2P3q
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a21bfb015a6838c94a4ad78d527ec80b234be91bd12eb55efb85c6bf93a3a2be
Files
-
a21bfb015a6838c94a4ad78d527ec80b234be91bd12eb55efb85c6bf93a3a2be.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ