cf9beec4f1bba75d91c62f7df0f09697a4339760a72d3a4ad2020c1102908ad8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf9beec4f1bba75d91c62f7df0f09697a4339760a72d3a4ad2020c1102908ad8
Size

6.8MB
MD5

ffe9c3e1a17992adb92fa2b7786c6879
SHA1

ac4ebeb1179b0b0568c6bb4480047b7230f1a3fc
SHA256

cf9beec4f1bba75d91c62f7df0f09697a4339760a72d3a4ad2020c1102908ad8
SHA512

e59f0c8cf2b5412ae80b673a56f35f995701611a7c39c0b22d26e8fb351ec2ec770c769b459dbf90421a1a6d3d292bc5ffdb8ebe973a1b13f80409d3ed1542a3
SSDEEP

98304:dGFQAlALqXlzbynnpS9kzR6JBAUZLrfzRD:dGFQuXYz6JVHFD

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf9beec4f1bba75d91c62f7df0f09697a4339760a72d3a4ad2020c1102908ad8

Files

cf9beec4f1bba75d91c62f7df0f09697a4339760a72d3a4ad2020c1102908ad8
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 5.3MB - Virtual size: 5.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 268KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE