Behavioral task
behavioral1
Sample
d0eb2bd79e9623c57978347cdff1c3f0N.exe
Resource
win7-20240704-en
General
-
Target
d0eb2bd79e9623c57978347cdff1c3f0N
-
Size
240KB
-
MD5
d0eb2bd79e9623c57978347cdff1c3f0
-
SHA1
36fc98108f240fda8c9e6a67ba87eb4bc0cb2c00
-
SHA256
479c26ef6c7b3f1914752a4fde9b4dad61092f81c78e3bf667fc0d10c0ff3be4
-
SHA512
ff35e2a86150fd9b45ccc6ff0dd4b5df96dbb77ee9b814178b2b8ca1c4658ee46505cb5c2318ca645090014e8d327ceb17b619e2d4b640f6d4984b682da6bf41
-
SSDEEP
6144:qi5odAGPGDu5KIkvV0kIuB+7/r0T0p6AY8yFrGdJna/P:zLG6u5fJ1r0U5yFIJna/P
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource d0eb2bd79e9623c57978347cdff1c3f0N unpack001/out.upx
Files
-
d0eb2bd79e9623c57978347cdff1c3f0N.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 340KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 212KB - Virtual size: 212KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 27KB - Virtual size: 28KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 380KB - Virtual size: 376KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 88KB - Virtual size: 85KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 24KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 44KB - Virtual size: 42KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ