Behavioral task
behavioral1
Sample
4d42b6898eb9ffd2d75ae99c74a5127efff6cd40c47cccb9611ba8c4e974c4de.exe
Resource
win7-20240221-en
Behavioral task
behavioral2
Sample
4d42b6898eb9ffd2d75ae99c74a5127efff6cd40c47cccb9611ba8c4e974c4de.exe
Resource
win10v2004-20240508-en
General
Target
4d42b6898eb9ffd2d75ae99c74a5127efff6cd40c47cccb9611ba8c4e974c4de
Size
1.2MB
MD5
8362c70c0b1e8f33883520e2b76c653d
SHA1
3dc2a8a6373548fcd0055913be32b42f4f8e0d94
SHA256
4d42b6898eb9ffd2d75ae99c74a5127efff6cd40c47cccb9611ba8c4e974c4de
SHA512
1591e821d00b7c7d12799b8e9672edb1d4b04f9e73dcf7205244535c98854c877bad94c34ea3c48eb3a199840352faf3eec92fe2848c35086677a17fd39204e0
SSDEEP
24576:lBNRSGUNuOJn3f86F7UxdlMfgiO00/LrzVFBnR3UYRcUvj++C/b1S4:ZgNBJ3ku7UxXMfgiezfB6YyUvja/w4
Malware Config
Signatures
resource: sample, yara_rule: upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 4d42b6898eb9ffd2d75ae99c74a5127efff6cd40c47cccb9611ba8c4e974c4de
Files
4d42b6898eb9ffd2d75ae99c74a5127efff6cd40c47cccb9611ba8c4e974c4de.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: - Virtual size: 68KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 36KB - Virtual size: 40KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 7KB - Virtual size: 8KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
8xGaDB Size: 388KB - Virtual size: 224KB