Behavioral task: behavioral1
Sample: VTRL.exe
Resource: win7-20240704-en

Behavioral task: behavioral2
Sample: VTRL.exe
Resource: win10v2004-20240802-en
General
Target: VTRL.exe
Size: 2.2MB
MD5: 1dfce1209727b9b1b98db007762f6783
SHA1: 447fb17018334b9272e2db048006945b8ccba5ed
SHA256: 4035add88e07fea2d9ed1dcbcccd0ec4ee7345502ea55977a35fc866c8e26a76
SHA512: 194c21e6b254d5eef51d40dfafaf6e96eea20d993956103a6ffe28c71aaf0fa7abec4aa41c159df2886f06ce4045576bd17e51b69efeb10e552dc8b6b951f349
SSDEEP: 49152:I55G/gD91qkyLxQN7i9/QMnNaQ/N4m4ihebenPBp/2+:C37vyui9oMQQRLYCpd
Malware Config
Signatures
resource yara_rule sample upx
Unsigned PE (1 IoCs)
  Checks for missing Authenticode signature.
  resource VTRL.exe
Files
VTRL.exe.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
  IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
  IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
  IMAGE_DLLCHARACTERISTICS_NX_COMPAT
  IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
  IMAGE_FILE_EXECUTABLE_IMAGE
  IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
UPX0 Size: - Virtual size: 3.5MB
  IMAGE_SCN_CNT_UNINITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
UPX1 Size: 2.2MB - Virtual size: 2.2MB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_EXECUTE
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE
.rsrc Size: 8KB - Virtual size: 8KB
  IMAGE_SCN_CNT_INITIALIZED_DATA
  IMAGE_SCN_MEM_READ
  IMAGE_SCN_MEM_WRITE