Behavioral task: behavioral1
Sample: 56293f130ef1f08fbf4bd7f817526bcbf78243859addf75d8ca32c7addc5d852N.exe
Resource: win7-20241010-en
Behavioral task: behavioral2
Sample: 56293f130ef1f08fbf4bd7f817526bcbf78243859addf75d8ca32c7addc5d852N.exe
Resource: win10v2004-20241007-en
General
Target: 56293f130ef1f08fbf4bd7f817526bcbf78243859addf75d8ca32c7addc5d852N
Size: 655KB
MD5: 81a907157cf95a8ae17dca9599a92660
SHA1: 6d4db934592308d7c187e4ca876fc42e5c981450
SHA256: 56293f130ef1f08fbf4bd7f817526bcbf78243859addf75d8ca32c7addc5d852
SHA512: 033c9a8ce07fd9aa14a3d4f21d8fb0d6e3d6e19ca605fe2c2646255b466d3c45a7ce3142239b01765a533adb06990f0763dfb9d1fc0b09392fcb3643b0201b58
SSDEEP: 12288:SKg71yAoHNWR8bTH7MrcuWE/wove/j24yu/ATnZuPESLnV+pF3:1HNJDMor12mquPZjqd
Malware Config
Signatures
resource: sample, yara_rule: upx
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource: 56293f130ef1f08fbf4bd7f817526bcbf78243859addf75d8ca32c7addc5d852N
Files
56293f130ef1f08fbf4bd7f817526bcbf78243859addf75d8ca32c7addc5d852N.exe windows:6 windows x64 arch:x64
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
Sections
UPX0 Size: - Virtual size: 3.5MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 653KB - Virtual size: 656KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE