Behavioral task
behavioral1
Sample
a708ff40fbd7702d328da3af7c53b6d0c5843b6ba1e39a6cf7f41aa0ca0a0334N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
a708ff40fbd7702d328da3af7c53b6d0c5843b6ba1e39a6cf7f41aa0ca0a0334N.exe
Resource
win10v2004-20240802-en
General
-
Target
a708ff40fbd7702d328da3af7c53b6d0c5843b6ba1e39a6cf7f41aa0ca0a0334N
-
Size
655KB
-
MD5
dbb388776e4982c7bae9d413b71765c0
-
SHA1
6514efd9f6a506a624fa4c20b5c2a93b0f0e8c02
-
SHA256
a708ff40fbd7702d328da3af7c53b6d0c5843b6ba1e39a6cf7f41aa0ca0a0334
-
SHA512
f7c27dc137a272e2a398ab18f10012d592a5ed92bdf936258fda11441dcc5428707415fa5e47f7659833c428685b848e4c9c7df8b962a355dd9e99d1e608b40f
-
SSDEEP
12288:SKg71yAoHNWR8bTH7MrcuWE/wove/j24yu/ATnZuPESLnV+pFy:1HNJDMor12mquPZjqY
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource a708ff40fbd7702d328da3af7c53b6d0c5843b6ba1e39a6cf7f41aa0ca0a0334N
Files
-
a708ff40fbd7702d328da3af7c53b6d0c5843b6ba1e39a6cf7f41aa0ca0a0334N.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
UPX0 Size: - Virtual size: 3.5MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 653KB - Virtual size: 656KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE