Behavioral task: behavioral1
Sample: 400d2e3aa8c4c49f62b80d11ebe3f60d4093b36ce34f37c483dbacd0d3203ed1.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 400d2e3aa8c4c49f62b80d11ebe3f60d4093b36ce34f37c483dbacd0d3203ed1.exe
Resource: win10v2004-20240802-en
General
Target: 400d2e3aa8c4c49f62b80d11ebe3f60d4093b36ce34f37c483dbacd0d3203ed1
Size: 135KB
MD5: 95837e3673454bf95570a26c1daa5519
SHA1: 73d6d287e217cabac4adbacecc6dc6bc425f9bde
SHA256: 400d2e3aa8c4c49f62b80d11ebe3f60d4093b36ce34f37c483dbacd0d3203ed1
SHA512: 51c861b0715e23875d8730fb39c590b08c15cee8aa3663cffbe19263b073585c4c7b8cd45c972dc819e2b0c4515fd924a945bd82307cf0c8290e1ce3831a2039
SSDEEP: 1536:YGYU/W2/HG6QMauSV3ixJHABLrmhH7i9eNOOg00GqMIK7aGZh3SOx:YfU/WF6QMauSuiWNi9eNOl0007NZIOx
Malware Config
Signatures
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 400d2e3aa8c4c49f62b80d11ebe3f60d4093b36ce34f37c483dbacd0d3203ed1
Files
400d2e3aa8c4c49f62b80d11ebe3f60d4093b36ce34f37c483dbacd0d3203ed1.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 64KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 38KB - Virtual size: 40KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 26KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE