Behavioral task
behavioral1
Sample
804c4ec6ed801fd3591a32459f5f6240N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
804c4ec6ed801fd3591a32459f5f6240N.exe
Resource
win10v2004-20240709-en
General
-
Target
804c4ec6ed801fd3591a32459f5f6240N.exe
-
Size
245KB
-
MD5
804c4ec6ed801fd3591a32459f5f6240
-
SHA1
0c929e0a733ac641060c8f0ace4954128a8fa640
-
SHA256
5e8fdf4b058c311cd70026b074a98b2eb8e2604d8436daea1524c8f57a7b9667
-
SHA512
dd8c5c36c4d5f28b6e0bc1e422556c56757cdf27ae008e490595e67b6590cd92bbec41848ecccaba29d06908109e4147d0de7bd3f3119aad7b0c8bc19665d564
-
SSDEEP
6144:sPDLCL9Io5R4nM/40yKsx3YX7QAnCbEJ5UsoDMNYgqqa3:sPKLXqTxILxCiBOMs
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 804c4ec6ed801fd3591a32459f5f6240N.exe
Files
-
804c4ec6ed801fd3591a32459f5f6240N.exe.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 56KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.tn Size: 42KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.f Size: 512B - Virtual size: 4KB