8401afd4dd28a5c77ae35d67316b56f249dc292988f725ed3d6a71fb8d51716d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8401afd4dd28a5c77ae35d67316b56f249dc292988f725ed3d6a71fb8d51716d
Size

516KB
MD5

6bf5710943a2f160b600ef338ba80ab9
SHA1

8b3eafc6ecd1281d4eb8fc7d1826a8520ce0e6a8
SHA256

8401afd4dd28a5c77ae35d67316b56f249dc292988f725ed3d6a71fb8d51716d
SHA512

e26e3e21ea9131e08045159161c4ffbb6f178c75d81242754c29f46d41035f82823502ae472a0bb29fb67051fc8cf49de146ba4495fa568aab41818a416a6fd4
SSDEEP

12288:VUQ32w2TXCEb3Xf9huI5oTlF56hdN7EXfi/aaFlStPFoSKw9:VGCEXf9huIqh6vN7EKSai99

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

8401afd4dd28a5c77ae35d67316b56f249dc292988f725ed3d6a71fb8d51716d
.exe windows:5 windows x86 arch:x86

Code Sign

4b:0f:52:5d:f6:fb:fd:42:bb:23:35:90:bb:4d:15:2a
Certificate

Issuer

CN=Free

Not Before

08/12/2023, 08:07

Not After

31/12/2039, 23:59

Subject

CN=Free

e1:3f:ae:56:a5:05:53:90:e0:ef:60:3f:4b:95:08:85:db:51:e0:2e:18:28:60:f4:b1:e9:22:60:18:df:3a:17
Signer

Actual PE Digest

e1:3f:ae:56:a5:05:53:90:e0:ef:60:3f:4b:95:08:85:db:51:e0:2e:18:28:60:f4:b1:e9:22:60:18:df:3a:17

Digest Algorithm

sha256

PE Digest Matches

true

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 752KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 493KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE