Behavioral task
behavioral1
Sample
849d94512ae368e75cb0eeb13339c752f7c12254a429b887c99c6bbc6444de00.exe
Resource
win7-20240903-en
General
-
Target
849d94512ae368e75cb0eeb13339c752f7c12254a429b887c99c6bbc6444de00
-
Size
202KB
-
MD5
ee4f1bb44ebde2bd97c7627c92016842
-
SHA1
70e1a087bc87ede1bf33897df9a4a20dab64778e
-
SHA256
849d94512ae368e75cb0eeb13339c752f7c12254a429b887c99c6bbc6444de00
-
SHA512
d610e258a7d5a7e6c60dcbcc71d9b200fe5f399ec293b51bfc2a715d68e26a49da05719dce27a2505ff5d1f58fbf6edfa30fdb85bbbe2ae2286fdd4c14a133f9
-
SSDEEP
3072:a74MyJjjlLzVjN50BdQqlYgp72xzbuawaGO0OJw8KWs6IgVLE7QkfIA9:awj30dlZ+GVaRVLE7QkfIG
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 849d94512ae368e75cb0eeb13339c752f7c12254a429b887c99c6bbc6444de00
Files
-
849d94512ae368e75cb0eeb13339c752f7c12254a429b887c99c6bbc6444de00.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 183KB - Virtual size: 184KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 3KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE