Behavioral task
behavioral1
Sample
dd73cc5c7dd9033a05824b9c8051c5bbdd392e2a0dd91ce8abe58e9b7fb1c09e.exe
Resource
win7-20240221-en
General
-
Target
dd73cc5c7dd9033a05824b9c8051c5bbdd392e2a0dd91ce8abe58e9b7fb1c09e
-
Size
278KB
-
MD5
f0fcb407497b426a1ea1224396bd91f7
-
SHA1
9163ad8a769d62a5bd9dff788cb279e462a3e9a0
-
SHA256
dd73cc5c7dd9033a05824b9c8051c5bbdd392e2a0dd91ce8abe58e9b7fb1c09e
-
SHA512
22fcee6488dc19a87137bacad96ee87015478252542ebefe05608b0122dc52454683a52d4a57d441384c26c5386743c871b1504ada31bedd86f640f2fe191769
-
SSDEEP
6144:7cm4FmowdHoSoXSBcm4Vcm4FmowdHoSphra+cm4FMhraHcpOaKHpg:B4wFHoSoXW434wFHoS3eg4aeFaKHpg
Malware Config
Signatures
-
UPX dump on OEP (original entry point) 1 IoCs
Processes:
resource yara_rule sample UPX -
Processes:
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
Processes:
resource dd73cc5c7dd9033a05824b9c8051c5bbdd392e2a0dd91ce8abe58e9b7fb1c09e
Files
-
dd73cc5c7dd9033a05824b9c8051c5bbdd392e2a0dd91ce8abe58e9b7fb1c09e.exe windows:4 windows x86 arch:x86
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 104KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
tkjdelw Size: 40KB - Virtual size: 44KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
wFKsTzMc Size: 2KB - Virtual size: 1KB
TpQSAAEF Size: 10KB - Virtual size: 9KB
ThVhzkYd Size: 4KB - Virtual size: 3KB
KmnfBuri Size: 3KB - Virtual size: 2KB
JIqCvmGH Size: 2KB - Virtual size: 1KB
mEXIzxyC Size: 1024B - Virtual size: 613B
qvqXTehX Size: 17KB - Virtual size: 16KB
lhasFVeD Size: 4KB - Virtual size: 3KB
fRFIGFTP Size: 67KB - Virtual size: 66KB
lDRvOevM Size: 24KB - Virtual size: 24KB