65bd09f61ac09a1f51a1fd951f33eb90 | Triage

Sharing

General

Target

65bd09f61ac09a1f51a1fd951f33eb90
Size

202KB
MD5

65bd09f61ac09a1f51a1fd951f33eb90
SHA1

d04129c1c2d907e072106a33c421de58df9f6082
SHA256

cb8a7537b288405e6675acedea9bca0a7184e58459ff85ccd6301acc2dd0a24f
SHA512

a059abeedb921e27bc9f26eda69d6c95fda697538fead8e313b66061eb84c223f5ee5a57e858c3c21e967c0b4a87f36ece12943be9aaccf6b9ba24cf0f8615a6
SSDEEP

3072:RgaudsHPavmh5AjoBDdBHEixKNEEFcFeETC2rpRGjPv1QwrY9x7:G3+vavm5DdBH6NEEKFH+84jnmwrY9

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
65bd09f61ac09a1f51a1fd951f33eb90

Files

65bd09f61ac09a1f51a1fd951f33eb90
.exe windows:4 windows x86 arch:x86

6d46d55402a93b80138adacebb9a07bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

EVENT_SINK_GetIDsOfNames
MethCallEngine
EVENT_SINK_Invoke
Zombie_GetTypeInfo
EVENT_SINK_AddRef
DllFunctionCall
Zombie_GetTypeInfoCount
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ProcCallEngine

Sections

UPX0
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE