Behavioral task
behavioral1
Sample
4126ef4945c09f2089a5eaba00d1373016726d5b8f2a53a56b4aec4a95fb7251.exe
Resource
win7-20240903-en
General
-
Target
4126ef4945c09f2089a5eaba00d1373016726d5b8f2a53a56b4aec4a95fb7251
-
Size
38KB
-
MD5
9dd5b2cc5e4e3f6f57fd53c233642cd1
-
SHA1
a0593f2a8dcaff05e3d5812047e25ab6dd0cfb89
-
SHA256
4126ef4945c09f2089a5eaba00d1373016726d5b8f2a53a56b4aec4a95fb7251
-
SHA512
f0bd598cab4de8510df05676bccf87bd911eebfe05d926eb658529a0f9def041260a79940d765044969b24e04614b9623b0e0d8e699b5dec90b47bc07966cbfe
-
SSDEEP
768:Nzj1JegVa3Gry+uELEmITCs/NUZ6nZdYbCLECkrQoP9fmF2f1cOGuU:NWQa2TLEmITcoQxfllfmS1cOg
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 2 IoCs
Checks for missing Authenticode signature.
resource 4126ef4945c09f2089a5eaba00d1373016726d5b8f2a53a56b4aec4a95fb7251 unpack001/out.upx
Files
-
4126ef4945c09f2089a5eaba00d1373016726d5b8f2a53a56b4aec4a95fb7251.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 92KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 34KB - Virtual size: 36KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 2KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
-
out.upx.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
.text Size: 104KB - Virtual size: 103KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ