041e73cd9e31447c1929640f097f395b | Triage

Sharing

General

Target

041e73cd9e31447c1929640f097f395b
Size

85KB
MD5

041e73cd9e31447c1929640f097f395b
SHA1

ea3ec798590356bcf3fa08b208b51da0c7ca0fb7
SHA256

a8ee0666bf36baf2198869fc194964b20586d12907a26480dbbcc9c1d41cac47
SHA512

ba973d1514c796a4d5639715e0404dffd367ba4c671b09baf5bb61bf7402a6b3d6b8f37fdc5cb1d357df8b5cb2cf85224f35e31e3e5612a3c5e4eb2b12ec7104
SSDEEP

1536:rbmW/SMT6VgHMJBAvtjnr9Q8vdVwOGz0/COxiWsvuEeL:r6WPeVgHC+zr9Q81GCC2EC

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
041e73cd9e31447c1929640f097f395b

Files

041e73cd9e31447c1929640f097f395b
.exe windows:4 windows x86 arch:x86

de39dc68941cc6307e3b2590c857a907

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetModuleHandleA

user32

wsprintfA

advapi32

RegCloseKey

ole32

OleRun

Sections

UPX0
Size: - Virtual size: 44KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 68KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE