439ec61a9ae8680cd55ccca2a814db52 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

439ec61a9ae8680cd55ccca2a814db52
Size

392KB
MD5

439ec61a9ae8680cd55ccca2a814db52
SHA1

b223979c459dcbc7c8726691d0b17761932a62be
SHA256

9e314b31957bd97c1a4c0d562454291f75fccac1d90d50ea6d15237d27d88806
SHA512

e639af77b488afc5e29d5d5eebd7dfa1730a824fe16aafaf419b554589f2b8dc652600e749a16edb8c1fb6ff15b3aff5e256cc9897cc3d690323fd34c98dd89f
SSDEEP

6144:oN7HSnFNC7rGN3bkty0Mki8787O71rkhJSammcmZ:m7HSnG7rGNrkty0fkhAlmv

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
439ec61a9ae8680cd55ccca2a814db52

Files

439ec61a9ae8680cd55ccca2a814db52
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 290KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.snaker
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE