Behavioral task
behavioral1
Sample
158e61e68cf6837b4a4dc7300817cbcd5b3c8f81d4e72587aac719ebb3f5f69c.exe
Resource
win7-20240729-en
General
-
Target
158e61e68cf6837b4a4dc7300817cbcd5b3c8f81d4e72587aac719ebb3f5f69c
-
Size
15.2MB
-
MD5
659a3fd5f8148705f894fa477cdf5435
-
SHA1
eb88ebc9360e47bb47454619398ef274c73b9261
-
SHA256
158e61e68cf6837b4a4dc7300817cbcd5b3c8f81d4e72587aac719ebb3f5f69c
-
SHA512
0a7fedaef70ace2b3d7d1542bf967bd29c0e0f60fc7054638e60a9be1ebb32049cf1ec6c8910813f439129cbb8ef912610a6275a39cfa92d74b6ed1ba37b66b2
-
SSDEEP
393216:SySLgH1iHzJ6OYFUhnW9BQGi/xRmyfiG0foykYhUjgihfvqhPD:SySEViHkZFUhWMGi/xUGCkYhGXuPD
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 158e61e68cf6837b4a4dc7300817cbcd5b3c8f81d4e72587aac719ebb3f5f69c
Files
-
158e61e68cf6837b4a4dc7300817cbcd5b3c8f81d4e72587aac719ebb3f5f69c.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 6.2MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 2.9MB - Virtual size: 2.9MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 215KB - Virtual size: 216KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE