Behavioral task
behavioral1
Sample
b389708af305854b2ed9e644b588cd40N.exe
Resource
win7-20240705-en
General
-
Target
b389708af305854b2ed9e644b588cd40N.exe
-
Size
102KB
-
MD5
b389708af305854b2ed9e644b588cd40
-
SHA1
8e8b8665178acec639884a4a331ffbdc91e2019d
-
SHA256
bec5841d867ea3e14461b14a871aafbb8f4746f11f84ce0b8b0ba2f67f1b260b
-
SHA512
0877c24217bf36182002973fd6db9e44313b36dc5e60df2810dc4fc8d813b8c9fbf259857df952b9f9b987ce7c06c955dc2fb23e1d0cc2e0b006cbef68481932
-
SSDEEP
768:jGvbqsQdX5BhGEnOsIzfJ4i4g5p0syi+hvN18K3H8T6++3KI4Fyu8hcLCik5dAyk:CzqsQ5PIt4+/yfeB6r6YcOik5h36lB4E
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource b389708af305854b2ed9e644b588cd40N.exe
Files
-
b389708af305854b2ed9e644b588cd40N.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: 68KB - Virtual size: 72KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 21KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE