Behavioral task
behavioral1
Sample
8bcc8941cf1f720f79debfe3d7c76b98d3154ffc6a0f07b1afde68ab79ebbdd9.exe
Resource
win7-20240221-en
General
-
Target
8bcc8941cf1f720f79debfe3d7c76b98d3154ffc6a0f07b1afde68ab79ebbdd9
-
Size
176KB
-
MD5
ba6026412bcbd5bdb3409edd19c22c18
-
SHA1
b3f22d22f6c91958d290169dd6c213535b809b8b
-
SHA256
8bcc8941cf1f720f79debfe3d7c76b98d3154ffc6a0f07b1afde68ab79ebbdd9
-
SHA512
c7dab72fec656f0cc4aaae027c170c7914bdd376e786d9a6cb57ce2011c28156415b9617f603167992ec6008a9e2129d3ee28a6391f21b6725320a737ca92a6e
-
SSDEEP
768:Ac/TbblFpQNwC3BEc4QEfu0Ei8XxNDI/vFaaz6JZ1Ssw63BEfee:x7bbl/eThavEjDUvFaaAXZL0J
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
resource yara_rule sample UPX -
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8bcc8941cf1f720f79debfe3d7c76b98d3154ffc6a0f07b1afde68ab79ebbdd9
Files
-
8bcc8941cf1f720f79debfe3d7c76b98d3154ffc6a0f07b1afde68ab79ebbdd9.exe windows:4 windows x86 arch:x86
1639b1e17656fed4f63bac94cbb79cec
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvbvm60
MethCallEngine
ord593
ord594
ord595
ord598
ord525
ord526
EVENT_SINK_AddRef
ord529
DllFunctionCall
ord670
EVENT_SINK_Release
ord600
ord601
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord607
ord608
ord530
ord716
ProcCallEngine
ord537
ord645
ord570
ord685
ord100
ord616
ord546
ord547
ord580
Sections
UPX0 Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 16KB - Virtual size: 16KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 92KB - Virtual size: 92KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE