bb026bfcb47fbfb4721e3d5249fa06e99ac68455553aec0a86717cf00a0aaa80 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bb026bfcb47fbfb4721e3d5249fa06e99ac68455553aec0a86717cf00a0aaa80
Size

6.4MB
MD5

3ab5e00bc383c515c7c8bfe5e2f6714b
SHA1

b28b0901741e13360ee3fd816efb1f4a852d05c5
SHA256

bb026bfcb47fbfb4721e3d5249fa06e99ac68455553aec0a86717cf00a0aaa80
SHA512

d725bc225c2f7176a4210703e2d3261aaa0875e8da85d8bdf34630f26e98d7c85c2c9298b2b36383bd1e4cd49398733d45d854a73518838845f10faacd31684d
SSDEEP

196608:C1tCLw7DXjNHQwMe6D+mi1A323nx41qYbM+NFB:C1tCLw/Xj6wkKmiC323ny1qYblNH

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb026bfcb47fbfb4721e3d5249fa06e99ac68455553aec0a86717cf00a0aaa80

Files

bb026bfcb47fbfb4721e3d5249fa06e99ac68455553aec0a86717cf00a0aaa80
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 9.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 6.3MB - Virtual size: 6.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

HERO
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DUEN
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE