Behavioral task
behavioral1
Sample
6097cff5631e773e354d5e532051d358efa4cc72848f6f9f7a64bf3c1116615c.exe
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
6097cff5631e773e354d5e532051d358efa4cc72848f6f9f7a64bf3c1116615c.exe
Resource
win10v2004-20240709-en
General
-
Target
6097cff5631e773e354d5e532051d358efa4cc72848f6f9f7a64bf3c1116615c
-
Size
42KB
-
MD5
69a04a278f11ca13f83f8e3547158c35
-
SHA1
de14fdaaf5351b151b72bdde68c355dc4243b384
-
SHA256
6097cff5631e773e354d5e532051d358efa4cc72848f6f9f7a64bf3c1116615c
-
SHA512
5167dfa07ff7e9ea48ebb58bd15e4f744137e5e1b07e95d25dbfe349410e77a3ae6ecf6d542aa3543a97685e7d565c0bf2e71605f94b026dd4d068258bf2140b
-
SSDEEP
768:V7Blpf/FAK65euBT37CPKKQSjyJJcbQbf1Oti1JGBQOOiQJhATBR:V7Zf/FAxTWoJJZENTBR
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 6097cff5631e773e354d5e532051d358efa4cc72848f6f9f7a64bf3c1116615c
Files
-
6097cff5631e773e354d5e532051d358efa4cc72848f6f9f7a64bf3c1116615c.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 21KB - Virtual size: 24KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE