3ad79a5c2c38a7c704216039408a2dbb605bb13273300f3a5db305278c3ff22c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3ad79a5c2c38a7c704216039408a2dbb605bb13273300f3a5db305278c3ff22c
Size

557KB
MD5

a2f9bdfe0e8eaa41c78f860f9a47dba6
SHA1

2b4e3ff80ce2d62294e55c7406a5142cc4a98127
SHA256

3ad79a5c2c38a7c704216039408a2dbb605bb13273300f3a5db305278c3ff22c
SHA512

50a429bcf69e2842afe9910641ca7eef98a0e08cf6d02dc765f68b1289560d902a88d91121455e00fb9d0424a7b6b38a91d8d806670857a2c4b89322a529f63e
SSDEEP

12288:hVQ2qMkOBU5IIAIIICUsul888888888888W88888888888g:hua+5IIAIIIi

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ad79a5c2c38a7c704216039408a2dbb605bb13273300f3a5db305278c3ff22c

Files

3ad79a5c2c38a7c704216039408a2dbb605bb13273300f3a5db305278c3ff22c
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

@@Main@Finalize
@@Main@Initialize
@@Unithome@Finalize
@@Unithome@Initialize
_Form1
_Form2
__GetExceptDLLinfo
___CPPdebugHook

Sections

UPX0
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

UPX1
Size: 538KB - Virtual size: 540KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE