Behavioral task
behavioral1
Sample
6fdaaa0bb7a94c91c535ff618d469030N.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
6fdaaa0bb7a94c91c535ff618d469030N.exe
Resource
win10v2004-20240709-en
General
-
Target
6fdaaa0bb7a94c91c535ff618d469030N.exe
-
Size
147KB
-
MD5
6fdaaa0bb7a94c91c535ff618d469030
-
SHA1
4041900522b529959ddc728a1900bbed3f777bbe
-
SHA256
8eb09ffcf2a57d0c0b7441391bc7296d7a868598936c3af1802dc9a4afcf16a0
-
SHA512
2dc0c9d3fedf68330acf2c4b4e6415ebcecdca63331761116f5219fc9bf3a491e1b0766f719e884e1abc5dcf49c16b81e7216d8b72004f2f35573d5011b872e4
-
SSDEEP
1536:a7ZyqaFAxTWH1++PJHJXA/OsIZfzc3/Q8Q8/8fCtyA7ZyqaFAxTWH1++PJHJXA/G:enaypQSoskonaypQSoskt
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6fdaaa0bb7a94c91c535ff618d469030N.exe
Files
-
6fdaaa0bb7a94c91c535ff618d469030N.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 21KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE