Behavioral task
behavioral1
Sample
a5bffa1d74324f2a55c1f44388743cd583c5ca6474cd83e8013e44c1d79bf8ab.exe
Resource
win7-20240708-en
General
-
Target
a5bffa1d74324f2a55c1f44388743cd583c5ca6474cd83e8013e44c1d79bf8ab
-
Size
3.3MB
-
MD5
6cbe7063da6ac784a7f21c557298c25f
-
SHA1
fcf06df82693bdcbbd6bf7bf6effe19d0117fce6
-
SHA256
a5bffa1d74324f2a55c1f44388743cd583c5ca6474cd83e8013e44c1d79bf8ab
-
SHA512
6c21411f809feba4ac92f830a37eeb1304b9436c91026b9360ea44e527c9854640945fecd590bbda289180dd40b3e0ab2a6e98e08ff7a1ba13816f5efa496acb
-
SSDEEP
49152:CgFhwxj9pbkwt4Hku5sgfjyInaIMRutaoLUq:W99pIS4EesOmInxMYtV
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a5bffa1d74324f2a55c1f44388743cd583c5ca6474cd83e8013e44c1d79bf8ab
Files
-
a5bffa1d74324f2a55c1f44388743cd583c5ca6474cd83e8013e44c1d79bf8ab.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 660KB - Virtual size: 660KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 12KB - Virtual size: 12KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.text Size: 320KB - Virtual size: 320KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.adata Size: 64KB - Virtual size: 64KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 128KB - Virtual size: 128KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.pdata Size: 832KB - Virtual size: 832KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.idata Size: 8KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE