26164d511c392a0599cd9e34b54535691fb29e000efb32f1c2d34147d21f16e1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

26164d511c392a0599cd9e34b54535691fb29e000efb32f1c2d34147d21f16e1
Size

2.6MB
MD5

f561005a0947b16ad65c9cf6d1af5efb
SHA1

2d1a4f6dc1891ed3a023431fa84bce9e5d0ddb14
SHA256

26164d511c392a0599cd9e34b54535691fb29e000efb32f1c2d34147d21f16e1
SHA512

d09fdedeb4beac2d309693267239ee33b421561a032db7df47f99304a88f96193f459c52514d815f6086eaa6659ba6297e7c81b97602660f5936e113976d332d
SSDEEP

49152:1GxbYzzvNtsVGczzvNtsO2Acn9CkZ0X2hff/yC3G/Je3:1GxWzj4G+zjPyrpR3f+e3

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
26164d511c392a0599cd9e34b54535691fb29e000efb32f1c2d34147d21f16e1

Files

26164d511c392a0599cd9e34b54535691fb29e000efb32f1c2d34147d21f16e1
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 392KB - Virtual size: 392KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 201KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE