Behavioral task
behavioral1
Sample
254e172a4a44b4d90f377920bd0c06bbd5c6dc7204a71fdd59c3246dfdda08e6N.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
254e172a4a44b4d90f377920bd0c06bbd5c6dc7204a71fdd59c3246dfdda08e6N.exe
Resource
win10v2004-20240802-en
General
-
Target
254e172a4a44b4d90f377920bd0c06bbd5c6dc7204a71fdd59c3246dfdda08e6N
-
Size
158KB
-
MD5
5a68f82fa73511337abc6015a32a2880
-
SHA1
045511930cb7bb3e2bb98d7f9de8167cbdd36ba4
-
SHA256
254e172a4a44b4d90f377920bd0c06bbd5c6dc7204a71fdd59c3246dfdda08e6
-
SHA512
2a2dabf2a4ff528e270342d6e5058e1aa9468b8c25dd5051c683788c9af93de3e3a98d5bd66b4e66c31f7e1641c970b834fda7a32aa5b3588891c5fec95ddd77
-
SSDEEP
1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8zx4LgLrdqdOTWn1++PJHJXA/OsIZfzcg:fnyiQSoFcPdqdOQSoFcPdqdZ
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 254e172a4a44b4d90f377920bd0c06bbd5c6dc7204a71fdd59c3246dfdda08e6N
Files
-
254e172a4a44b4d90f377920bd0c06bbd5c6dc7204a71fdd59c3246dfdda08e6N.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Sections
UPX0 Size: 21KB - Virtual size: 24KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.imports Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE