0bfd526bbf364c66490d6719ded4e99a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0bfd526bbf364c66490d6719ded4e99a
Size

108KB
MD5

0bfd526bbf364c66490d6719ded4e99a
SHA1

da3153e90366cb752f51cfd799deaafc4f47f519
SHA256

79712f43801c531a6861e3192fc7be5867cb7821b55fbb7a892e232e4c72c70e
SHA512

7e7e94767862c6d5ab0f1092c5d47953bc35188e812755a82e7f4c6db7a99af6eaf6c4a6731f74c2eb8a36def0a8a00e1e3cb204ee379682a0a17ae2c9bf2e97
SSDEEP

3072:C16p3Lqmf9XFulkr+D5mmgJAeq/hVHAKx:C16pLf9Gkr05gJI35

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0bfd526bbf364c66490d6719ded4e99a

Files

0bfd526bbf364c66490d6719ded4e99a
.exe windows:8 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

colleea
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE