Behavioral task
behavioral1
Sample
a9eb7cba84ab4c0aeceedb7886ccda1041ead0bd39fe3215c2830d12c83094dc.exe
Resource
win7-20240221-en
General
-
Target
a9eb7cba84ab4c0aeceedb7886ccda1041ead0bd39fe3215c2830d12c83094dc
-
Size
185KB
-
MD5
6375ba3cac7ddae754678c391448b2a4
-
SHA1
a54e29a955ca2a5a29a6a458d61c4c33e0334b0d
-
SHA256
a9eb7cba84ab4c0aeceedb7886ccda1041ead0bd39fe3215c2830d12c83094dc
-
SHA512
c3e43cd85cc4ef8223e1bd50cbf793b2883d63ec81c6f982c42a14f8b157652e020953e7b26d448a5b2a1afb4f6e359517923890c916473f82b912edb105219e
-
SSDEEP
3072:chOmTsF93UYfwC6GIout5pi8rY9AABa1U+a88Xu3VodyikZfhnJtJI+i:ccm4FmowdHoS5ddWX+afdlkpPtJIv
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule sample UPX -
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource a9eb7cba84ab4c0aeceedb7886ccda1041ead0bd39fe3215c2830d12c83094dc
Files
-
a9eb7cba84ab4c0aeceedb7886ccda1041ead0bd39fe3215c2830d12c83094dc.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data1 Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE