0f4c99039f82deaddbc3c16f6db687f7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0f4c99039f82deaddbc3c16f6db687f7
Size

901KB
MD5

0f4c99039f82deaddbc3c16f6db687f7
SHA1

2768163504602fd6f7a84ee6a6a24c6ad1ddc908
SHA256

26e7e52fc788aa9691f688efcfabaf3d4da9d8200a1fc1e3c54631d23bee1008
SHA512

c776a166c42061181f1be56c4ed6ed539fe33f3d95b1303ea9f0940305b7a654873ee296908b75642fdcedac51bc9af8b0a20423725b4473ceec6cf508f7854a
SSDEEP

12288:jt0VPFfsKAkrbPlXhHANUTNq+TmHANUTNSiV:SFksb1AqiV

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f4c99039f82deaddbc3c16f6db687f7

Files

0f4c99039f82deaddbc3c16f6db687f7
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 796KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 153KB - Virtual size: 156KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rol
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE