Behavioral task
behavioral1
Sample
dfa7b0a9187774b63c79f4f2a151d1572dbe085cd5f3a61b689b56dbce3b71c1.exe
Resource
win7-20240705-en
General
-
Target
dfa7b0a9187774b63c79f4f2a151d1572dbe085cd5f3a61b689b56dbce3b71c1
-
Size
169KB
-
MD5
8ad04e4bf2b536e1553ed2d2dd9afc83
-
SHA1
354f767914f8ec1896eeb0c03e6c00d12f446374
-
SHA256
dfa7b0a9187774b63c79f4f2a151d1572dbe085cd5f3a61b689b56dbce3b71c1
-
SHA512
c580fbd5d44afccc497d17087eda4dc2f23185b955a3150cdb25a685c6f3c76fa32abca5f0390533f6c40fc79f1300ce055ab7101fe66a8fcd880c208526181d
-
SSDEEP
3072:SxTqpdA3f6QNf2IPO4DpmWpAsfYbTOBoefYi6a9k20tAvdqkzk6t5uYE4V:U2pdqfv2IPOGfXf5ovWvdNk6rrEE
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource dfa7b0a9187774b63c79f4f2a151d1572dbe085cd5f3a61b689b56dbce3b71c1
Files
-
dfa7b0a9187774b63c79f4f2a151d1572dbe085cd5f3a61b689b56dbce3b71c1.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI
Sections
UPX0 Size: 96KB - Virtual size: 96KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 53KB - Virtual size: 56KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE