Behavioral task
behavioral1
Sample
11abab2b13602043ed3005bfed6fd33e7e63791e16e4a6c77d90643667e893f5.exe
Resource
win7-20240705-en
General
-
Target
11abab2b13602043ed3005bfed6fd33e7e63791e16e4a6c77d90643667e893f5
-
Size
249KB
-
MD5
45c26c120dc9cedf8886fe4af6b67c0e
-
SHA1
2cd0d80dab24ee79b2cefde04972d49133c5db8d
-
SHA256
11abab2b13602043ed3005bfed6fd33e7e63791e16e4a6c77d90643667e893f5
-
SHA512
bf80b445eb1b516e0cc725e2f3144c348db16a867d9d9d5018f9cbe7d74c093422d3d2ddeb5368670165f8e055b648c8d4e82005a3b5e52e845ce29f71b32da8
-
SSDEEP
6144:NMhEILGFkzhr0dGj9ojBV+UdvrEFp7hK8x:UBcoaGj9ojBjvrEH7B
Malware Config
Signatures
-
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource 11abab2b13602043ed3005bfed6fd33e7e63791e16e4a6c77d90643667e893f5
Files
-
11abab2b13602043ed3005bfed6fd33e7e63791e16e4a6c77d90643667e893f5.exe windows:5 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 232KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 73KB - Virtual size: 76KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 92KB - Virtual size: 120KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE