Static task
static1
Behavioral task
behavioral1
Sample
f40553531a1b6a45c8de411fc8e0ffc21c52d8a0620b14e00394aeeac364e050.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
f40553531a1b6a45c8de411fc8e0ffc21c52d8a0620b14e00394aeeac364e050.exe
Resource
win10v2004-20240226-en
General
-
Target
f40553531a1b6a45c8de411fc8e0ffc21c52d8a0620b14e00394aeeac364e050
-
Size
505KB
-
MD5
0b95935c0f53b9aad6fbaf1810f10942
-
SHA1
796b38dc58ca45e6cc36274735cb22882caaece9
-
SHA256
f40553531a1b6a45c8de411fc8e0ffc21c52d8a0620b14e00394aeeac364e050
-
SHA512
963d06d4f6ee80a517635a9de75378d235fcd40339ce4010d9c76303f73aab093051d74e08bcd8e40012641893c99d3bab1cf043598e4e930b56663856e1538f
-
SSDEEP
12288:wlbx+b1gL5pRTcAkS/3hzN8qE43fm78VO:Wbx+G5jcAkSYqyEO
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f40553531a1b6a45c8de411fc8e0ffc21c52d8a0620b14e00394aeeac364e050
Files
-
f40553531a1b6a45c8de411fc8e0ffc21c52d8a0620b14e00394aeeac364e050.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
VHqxTUpa Size: - Virtual size: 64KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
IaDsgWGk Size: 35KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE