Behavioral task: behavioral1
Sample: a1867dfc6244c35af6bcecee0c564c187a94929f390adc2f76038ad36d1df3f0.exe
Resource: win7-20240705-en

Behavioral task: behavioral2
Sample: a1867dfc6244c35af6bcecee0c564c187a94929f390adc2f76038ad36d1df3f0.exe
Resource: win10v2004-20240709-en

General
Target: a1867dfc6244c35af6bcecee0c564c187a94929f390adc2f76038ad36d1df3f0
Size: 11.6MB
MD5: c4cd3ba83181a61f76203e14679df171
SHA1: 76ce38b8342abd8d818abc92498809226f959792
SHA256: a1867dfc6244c35af6bcecee0c564c187a94929f390adc2f76038ad36d1df3f0
SHA512: ffa8e1abb1890734f5ec678c3fa651b1035e7a7e151c2d6fc973dedeae05aeddabcbd3fd6d307316b6c4be85f74b0587b7484f68f29f0d47cd8daedbdfc59151
SSDEEP: 98304:2JiZ07bD5k0yYNkTExVm23xxMvth0JBAUZL:2fb5k4N6um2eT0JV

Malware Config
Signatures
resource: sample
yara_rule: upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource: a1867dfc6244c35af6bcecee0c564c187a94929f390adc2f76038ad36d1df3f0
Files
a1867dfc6244c35af6bcecee0c564c187a94929f390adc2f76038ad36d1df3f0.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 6.4MB - Virtual size: 6.4MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 5.1MB - Virtual size: 5.1MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 5KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE