General
Target: concp32.exe
Size: 670KB
MD5: 8e364df9aaa4eba37a13d260146c5a6b
SHA1: b33a525e5725d2c87ab3c7d180230bd06d9daf86
SHA256: 9bd759ddd7d01280f607f34d87a6704f76b353a456f4c94fee62483f2247c464
SHA512: 39480f575cf5b69d2253a0a6c27f460f5e39570b828dc00d4ae587bc0aa4af1f9e430557db5b821e055d0469b6dfab8c2825261da567e11c9ca53d8dc09ad8ec
SSDEEP: 12288:7tKe6Zv23YLVFhBsC8iFHs+hsuQXIQRUP/g8t5/bIwYhB:v6Zv2ivhBVnFvh5Q44UP48ncwQB
Malware Config
Signatures
resource yara_rule sample upx
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource concp32.exe
Files
concp32.exe.exe windows:1 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 172KB - Virtual size: 172KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 43KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE