Behavioral task
behavioral1
Sample
0e1af0f9e489d62d498a9592de29ac51e04f91b63b41fc2076114ff1fc1d9868.exe
Resource
win7-20240903-en
General
-
Target
0e1af0f9e489d62d498a9592de29ac51e04f91b63b41fc2076114ff1fc1d9868
-
Size
150KB
-
MD5
28361512345336667d9a5903a28b1bd0
-
SHA1
300884007e313bedc1187bb099071f4a2cd163ed
-
SHA256
0e1af0f9e489d62d498a9592de29ac51e04f91b63b41fc2076114ff1fc1d9868
-
SHA512
ab9af76afb724c1c8b7579572bcd65cef8e45c9babe48a4e6f24ab684d094d03507f519b7c957822689c2a3e8e8eea8d791a6b66a768dc88b8d79f3d72e78639
-
SSDEEP
3072:fny1oRjc3D5o1jSgn5+lwCRlCh+YiiaWg5EeHXDgkef7YWu9ZJW3BRt8YbMBOUCa:KWRjc3o1/HtafEIMcVZ
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 0e1af0f9e489d62d498a9592de29ac51e04f91b63b41fc2076114ff1fc1d9868
Files
-
0e1af0f9e489d62d498a9592de29ac51e04f91b63b41fc2076114ff1fc1d9868.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 21KB - Virtual size: 24KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE