Behavioral task
behavioral1
Sample
dd52ef1cd0dca7500d13ac51992f09d6ef48d18dc8a0c0bac805811ec71c48f7.exe
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
dd52ef1cd0dca7500d13ac51992f09d6ef48d18dc8a0c0bac805811ec71c48f7.exe
Resource
win10v2004-20240508-en
General
-
Target
dd52ef1cd0dca7500d13ac51992f09d6ef48d18dc8a0c0bac805811ec71c48f7
-
Size
79KB
-
MD5
40b36edd9639c2b9edd6f51fb4840916
-
SHA1
0f2b334117cd6402213d6f717ea7c095151c0613
-
SHA256
dd52ef1cd0dca7500d13ac51992f09d6ef48d18dc8a0c0bac805811ec71c48f7
-
SHA512
6ca34e47b5c5f346e69fe8a4650ff9188993ee684e5aa65aea090cbffef6837f89c4d65fbe4fe28739ab75a99a8b3dcb2fc446081df0f6c5a00c5c714b2b42da
-
SSDEEP
1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8zxFy5gfcL5y5gfcLUlGi0XlGi0M:fnyiQSoXqeaqeUlGi0XlGi0M
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule sample UPX -
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource dd52ef1cd0dca7500d13ac51992f09d6ef48d18dc8a0c0bac805811ec71c48f7
Files
-
dd52ef1cd0dca7500d13ac51992f09d6ef48d18dc8a0c0bac805811ec71c48f7.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 21KB - Virtual size: 24KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE