Behavioral task
behavioral1
Sample
5dc9939b3afcb4858082186ce114f740N.exe
Resource
win7-20240729-en
Behavioral task
behavioral2
Sample
5dc9939b3afcb4858082186ce114f740N.exe
Resource
win10v2004-20240802-en
General
Target: 5dc9939b3afcb4858082186ce114f740N.exe
Size: 655KB
MD5: 5dc9939b3afcb4858082186ce114f740
SHA1: 7b6442ffa94d66e99b7b67945e4f9c7f2232fb20
SHA256: d392d6e5a5b422bf5c0c922e6699b98b2ac7c33e5e7b7fec075d8be57e3f8f45
SHA512: fb33ba59cc08e00a08c20ce5eee78c237300c9f2e8f4b9f391b25933de6bfef4a0325505a62a749e9ce768c2b9eb106d14491b925af737ac9cd078ca62635e0b
SSDEEP: 12288:SKg71yAoHNWR8bTH7MrcuWE/wove/j24yu/ATnZuPESLnV+pFH:1HNJDMor12mquPZjqV
Malware Config
Signatures
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 5dc9939b3afcb4858082186ce114f740N.exe
Files
5dc9939b3afcb4858082186ce114f740N.exe.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
UPX0 Size: - Virtual size: 3.5MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 653KB - Virtual size: 656KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE