038b7b4cb45424454e6b6c3916bdad3a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

038b7b4cb45424454e6b6c3916bdad3a
Size

3.2MB
MD5

038b7b4cb45424454e6b6c3916bdad3a
SHA1

c9f106e7c0ffe23ffc33cd4f15adfe5535727c65
SHA256

4c0d9093ea1b4d8fb07108a35f8032629f9935318486665d750c484290709ce2
SHA512

07d308bb7b1948765b1d14f0f07e44441fa1c7e6e5bd87c15f4de3484d5b9d68357b68ab2fdd07cd7f48388e9569c64e7bd24ab5a0220f2bf9eb28fb2fbe0105
SSDEEP

49152:xpb3AS2lkAi2yRyR3xEz1UtGnkmsXAv4AraAsH/DbRTuiG1fPoPe:x9wSnwyRmBEzsmsa4jtfD9f8PoPe

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
038b7b4cb45424454e6b6c3916bdad3a

Files

038b7b4cb45424454e6b6c3916bdad3a
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 512KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1007KB - Virtual size: 1008KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ