Behavioral task
behavioral1
Sample
403bb6076c87042dc684ad0f8f0dd070N.exe
Resource
win7-20240704-en
General
-
Target
403bb6076c87042dc684ad0f8f0dd070N.exe
-
Size
60KB
-
MD5
403bb6076c87042dc684ad0f8f0dd070
-
SHA1
06c431cb02d4d3db98f6aafdd3e62b632bf3e812
-
SHA256
15797e546d47e1bf1d15539d075a9284ab84bfaaecf786c8225682525eb8aa76
-
SHA512
d96211636094d6875e87a308457b067415d04f4945b11ad83afa3d169a78968c7458cce3e9f07d4b8362b4f748a4d7718d9a37b76b5e8355656190d9fb7ed7be
-
SSDEEP
1536:Rmfw372IHhMFiIBH5rts5kkIfCJonouy8KhF7z5Dv:RmI3dHhMFiIBlts2ZfToutKfz1v
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 403bb6076c87042dc684ad0f8f0dd070N.exe
Files
-
403bb6076c87042dc684ad0f8f0dd070N.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 388KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 32KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 9KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE