Behavioral task
behavioral1
Sample
3fa64c837e8131bdb196e82433d7e145d8fa20eb3768a141b0d981561852dbdb.exe
Resource
win7-20240903-en
General
-
Target
3fa64c837e8131bdb196e82433d7e145d8fa20eb3768a141b0d981561852dbdb
-
Size
2.7MB
-
MD5
0961aec22e8ebe5e159d27807d3684e8
-
SHA1
369960c250bd33000a0e8943527e2b1fe521b91a
-
SHA256
3fa64c837e8131bdb196e82433d7e145d8fa20eb3768a141b0d981561852dbdb
-
SHA512
ab97962ff8fe59308635436d153819bfc277f3c3e26a050b71436943a2a2034260e675261d3cac9836bf711ceebf1959e9b062485988afe2ac70f3bc06677a03
-
SSDEEP
49152:PGQvLkaiflIJsaJsRui3pwgrnw6tA1V1mPnbw8s3dcY1MIVIC+G+Jxon6YgD4gHw:PGQvMfwJJsT5IQnbw9VNaC6Y2Ih
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3fa64c837e8131bdb196e82433d7e145d8fa20eb3768a141b0d981561852dbdb
Files
-
3fa64c837e8131bdb196e82433d7e145d8fa20eb3768a141b0d981561852dbdb.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 4.6MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 2.6MB - Virtual size: 2.6MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 43KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE