Behavioral task: behavioral1
Sample: cb7f406c35b51d31657cebbae87f25e6a8b3038417ab882e7dd049a7c2a5bd47N.exe
Resource: win7-20240903-en

Behavioral task: behavioral2
Sample: cb7f406c35b51d31657cebbae87f25e6a8b3038417ab882e7dd049a7c2a5bd47N.exe
Resource: win10v2004-20240802-en
General
Target: cb7f406c35b51d31657cebbae87f25e6a8b3038417ab882e7dd049a7c2a5bd47N
Size: 655KB
MD5: f5d80f143897d0b41eecf9504bf02c30
SHA1: f2c8a948302a71bb4f4eb4ce0719e3db24b77b68
SHA256: cb7f406c35b51d31657cebbae87f25e6a8b3038417ab882e7dd049a7c2a5bd47
SHA512: a71c1017df58192f0679e6684b5b172ee999657e5b4e8790513d56a483a39351b1ad6f8f2f13c4dd19d99a2be03241cf70c10ff0f2013017e0a0b205738383c6
SSDEEP: 12288:SKg71yAoHNWR8bTH7MrcuWE/wove/j24yu/ATnZuPESLnV+pFz:1HNJDMor12mquPZjql
Malware Config
Signatures
resource yara_rule sample upx
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource cb7f406c35b51d31657cebbae87f25e6a8b3038417ab882e7dd049a7c2a5bd47N
Files
cb7f406c35b51d31657cebbae87f25e6a8b3038417ab882e7dd049a7c2a5bd47N.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
UPX0 Size: - Virtual size: 3.5MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 653KB - Virtual size: 656KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE