3013fec4d3d36b65da8f15a586813b97081776f87966ca78a81116f66f547e04 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3013fec4d3d36b65da8f15a586813b97081776f87966ca78a81116f66f547e04
Size

31KB
MD5

9eb6be956de52c6c41a26470c2b8da52
SHA1

909f64420df15bd6cac7737745a094ab3e856c44
SHA256

3013fec4d3d36b65da8f15a586813b97081776f87966ca78a81116f66f547e04
SHA512

c82bf1cdac53109d8e66f0edda253389f38fcbb4c7c843f961cc07853477b2cf0469149cfad0332f3a52363f060b30b64b92d3e32014d1ce5cd2430d9e316542
SSDEEP

192:nvxJqAPhpeS1ZK4O3CDHLLlzMZl4vl10GPdYPmVI+tTpXXXcEukUqU4ubvRxKP:ZUAPk2MZlm5P6d+tTZcS64uFQP

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3013fec4d3d36b65da8f15a586813b97081776f87966ca78a81116f66f547e04

Files

3013fec4d3d36b65da8f15a586813b97081776f87966ca78a81116f66f547e04
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE