Behavioral task
behavioral1
Sample
fbdb0bab5938bfbe498df692cfe64f00N.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
fbdb0bab5938bfbe498df692cfe64f00N.exe
Resource
win10v2004-20240802-en
General
-
Target
fbdb0bab5938bfbe498df692cfe64f00N.exe
-
Size
82KB
-
MD5
fbdb0bab5938bfbe498df692cfe64f00
-
SHA1
e5904fbffdc7735ad9d1b184afd89a9722e7cdf6
-
SHA256
9b8740d79a577aeb8ce27ab48774c73acd3dee10c2b482cbb808673a45f13a71
-
SHA512
5aa4b5bf483dcd86b6fbce2ad3ffd59107ce578fe66cf5a286b8461b2ab90313253e6ef7961a3eca155ad5896398967daf259e4afc76f9b1e2ebadb0a7df2591
-
SSDEEP
1536:2JaPBs3f8e3C8xx8K5Bm0G3rFaaLClA/K8RILNb5MBWoxXQSwGkgXC3YSL6vhmVw:2J0Bs3o8A4M3riN6MhGkgS3PL6pb9tt
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource fbdb0bab5938bfbe498df692cfe64f00N.exe
Files
-
fbdb0bab5938bfbe498df692cfe64f00N.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 76KB - Virtual size: 76KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 84KB - Virtual size: 84KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 72KB - Virtual size: 72KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE