Behavioral task
behavioral1
Sample
dd0d0b3eeb6ab05736c92c569fe09c00N.exe
Resource
win7-20240708-en
General
-
Target
dd0d0b3eeb6ab05736c92c569fe09c00N.exe
-
Size
144KB
-
MD5
dd0d0b3eeb6ab05736c92c569fe09c00
-
SHA1
6aadb22db77ac9de2b7917fe44ebbed48664870b
-
SHA256
f3ac1dcc3e7f1e79f6fc3fec562f6f6e8df1481fafb5392d091d7a96fa007d84
-
SHA512
619ac5a83d784bfd2c04fc598c005de4f14e6bef232e562c50ac2aa56d3ea38e379d397dfd68f32475a493ecea1f960a1a57b151ac4f0d777bdcb9f05663d429
-
SSDEEP
1536:CTWn1++PJHJXA/OsIZfzc3/Q8NCuXYRY5I2IjXtXqkyOtOcvOCg7WBaMrDOS:KQSoDuXuv3jXtX4maAj
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource dd0d0b3eeb6ab05736c92c569fe09c00N.exe unpack001/out.upx
Files
-
dd0d0b3eeb6ab05736c92c569fe09c00N.exe.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 24KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 1KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 352B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ