0a6162196885805f1d4ff82464f89ddf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a6162196885805f1d4ff82464f89ddf
Size

256KB
MD5

0a6162196885805f1d4ff82464f89ddf
SHA1

c93cb710f9e164d7671fc11f63f41016b8915d44
SHA256

40599d05b8f52d50275964c78b77b1f72b31d622eeaaf6f880b6110fa3467d5b
SHA512

dc869424df06ca3081e429b15c5d29abc73cd285d3b34cae0b4e0345c8ff972cfb0cd01506e3c3556f63111255854d8a8b913c21137c55771f3c94462cc25d1a
SSDEEP

1536:SBHPPxnGWX+usx1QsosjrelXttZLEEuGPWqq7U+FA0VsCn4xY:m1TOuw1QwjoZLluucUEA0Vt

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a6162196885805f1d4ff82464f89ddf

Files

0a6162196885805f1d4ff82464f89ddf
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 173KB - Virtual size: 188KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.QXT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nkh
Size: 4KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 63KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE