General
Target: zsnesw.exe
Size: 580KB
MD5: 8e3f9f4ba68261d9976a79f842b2ecdd
SHA1: 50b379484494a7da992f40cf23bcb43b4b065e77
SHA256: fcc9c75f44bcfc3a5c7f1b8d8bed6b2cba95ecb80531a57351f006883b47b52e
SHA512: ae369dd43f344a501953fe60fa692e8a25ae41bb8ab935edaa1fad8e6935a182cfa4c5ab604feb5b7dea29340da81bf6f4463f4132f8e5954e0ff3a62cd57834
SSDEEP: 12288:zKPgx5ebkgLs1PQ29BadoHuaRCwFasz2mDvppsHnWbqQdGW7wz+GzDdC/Z:9xobkgA4TdoHPta42mT/sHnKWHzDI/Z
Malware Config
Signatures
resource yara_rule sample upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource zsnesw.exe
Files
zsnesw.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 8.4MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 537KB - Virtual size: 540KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 42KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE