358a693665e839e9f3be488933407c46 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

358a693665e839e9f3be488933407c46
Size

631KB
MD5

358a693665e839e9f3be488933407c46
SHA1

6c080b1297b86066fb3d115d424cf9949151e0e2
SHA256

6b1168507f16bb90373881551a74efdde167a7dc0bacaefcc63fae3f06445686
SHA512

aa5ced2431eca3a42a5f55cc1b1767b6cd95a67485b89a68e4037e28aad4d70f85cb596b4d11660e38020365085e14c8e540ee20c3bd6d6f4f22a584e4395904
SSDEEP

12288:CwpKhz2+UlttCCmT3UumZcsJ2lyQv+naBcOXLOhSILXqs76hc:ZKIlttClTkP5J6+neOhSKR76hc

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
358a693665e839e9f3be488933407c46

Files

358a693665e839e9f3be488933407c46
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 780KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 421KB - Virtual size: 424KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tc
Size: 202KB - Virtual size: 204KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE