Behavioral task
behavioral1
Sample
494534ba2e4d1c126c72c32b191a39a0N.exe
Resource
win7-20240705-en
General
-
Target
494534ba2e4d1c126c72c32b191a39a0N.exe
-
Size
321KB
-
MD5
494534ba2e4d1c126c72c32b191a39a0
-
SHA1
74a966dee779ac2055d151ed2016885e9d19cab7
-
SHA256
e40943f586be319c33133aba8e841e071b59f5b1c8e08417626f28e9e1c2ef57
-
SHA512
cd01afa52ee378e7e3c5712e2dc2389504ece75fe9594937e6d103165c6a10343f067bdbec40f43ef2de7d575a355b279a62ed752a2909aebf9a855e0e30060c
-
SSDEEP
6144:uuq1yy/pjnkeQ4mltKicjq+5ymYuMCo0N5uQ0d9jtqWMbZTyf:y1yc9kbhtKXkmN5N5ujBqTTyf
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 494534ba2e4d1c126c72c32b191a39a0N.exe
Files
-
494534ba2e4d1c126c72c32b191a39a0N.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: 53KB - Virtual size: 60KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 20KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE