c0d792c1001e98ba3bfb7781782433e4da6803422c5c2d69dde4ddfdbac3b84a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c0d792c1001e98ba3bfb7781782433e4da6803422c5c2d69dde4ddfdbac3b84a
Size

3.8MB
MD5

ca0ff0659a703505bd574501f22f0a24
SHA1

aa91b90fc2bde95044d60c05556d8a0b78619779
SHA256

c0d792c1001e98ba3bfb7781782433e4da6803422c5c2d69dde4ddfdbac3b84a
SHA512

417f7edbf05553b47b23c168681e2b642560f8c4563b54510510053ca3d5d05bda9a03ab06058bfc8ba6d39d545d479d64f5d510a55a8d4333a7ba96fe709181
SSDEEP

49152:GrpoPMqR7RZAHiytchRScaz1eUp/3NwTg+T+s8KuqGaX0ToIBAUZLYpM:skR7RZAHir/ScazkUNNwTCJBAUZL1

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c0d792c1001e98ba3bfb7781782433e4da6803422c5c2d69dde4ddfdbac3b84a

Files

c0d792c1001e98ba3bfb7781782433e4da6803422c5c2d69dde4ddfdbac3b84a
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE