Behavioral task
behavioral1
Sample
b139754a7adc499d719d282740902102dcdb5fba099e0c0851dda453d114bb5b.exe
Resource
win7-20231129-en
General
-
Target
b139754a7adc499d719d282740902102dcdb5fba099e0c0851dda453d114bb5b
-
Size
59KB
-
MD5
f41242eb9bb0c0bdc1436de10618329c
-
SHA1
c3d66223d5791fdceaa8ebbfb0a758b9226f4a7e
-
SHA256
b139754a7adc499d719d282740902102dcdb5fba099e0c0851dda453d114bb5b
-
SHA512
6682e46e0beb2b132727d976a3c273830d14ea58ef6f7eb316428b6cfd4f7b94a4835519415ebc3ff1bdcd1b6e074a89a52cd4a5c90847d10881592ccd86cc01
-
SSDEEP
1536:kvQBeOGtrYS3srx93UBWfwC6Ggnouy8p5yAXNG1mjtREVM7:khOmTsF93UYfwC6GIoutpY918c+
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule sample UPX -
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource b139754a7adc499d719d282740902102dcdb5fba099e0c0851dda453d114bb5b
Files
-
b139754a7adc499d719d282740902102dcdb5fba099e0c0851dda453d114bb5b.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tkjdelw Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE