Behavioral task
behavioral1
Sample
37d67a422a2c3eac276ec75c6b4600aba1028e244b01a3c9b1e22fbace9dfcad.exe
Resource
win7-20231129-en
General
-
Target
37d67a422a2c3eac276ec75c6b4600aba1028e244b01a3c9b1e22fbace9dfcad.exe
-
Size
539KB
-
MD5
bd50ba38259a5c7a2a376ea20c16d895
-
SHA1
a23cc9f184aa87b8ca1e5fe1589b192d303fe0dd
-
SHA256
37d67a422a2c3eac276ec75c6b4600aba1028e244b01a3c9b1e22fbace9dfcad
-
SHA512
30ebadd2be0c2095e7221c18a58b0799830e321a94bc5e102f48842c331c0b5743565759a5c2e1c635a7fb5efb03e10b2eaf3da4b9a41dd0bfce16a454d16c66
-
SSDEEP
12288:whymnwJFPNdgBAEHApqePJN1AmLM7uVq9sSYN:wUmwrl2Ao7sJNlM7ymsSYN
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
Processes:
resource 37d67a422a2c3eac276ec75c6b4600aba1028e244b01a3c9b1e22fbace9dfcad.exe unpack001/out.upx
Files
-
37d67a422a2c3eac276ec75c6b4600aba1028e244b01a3c9b1e22fbace9dfcad.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 760KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 529KB - Virtual size: 532KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.data Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 14KB - Virtual size: 13KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ