ff67d737195e164db9f697fcd2cf583c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff67d737195e164db9f697fcd2cf583c
Size

3.8MB
MD5

ff67d737195e164db9f697fcd2cf583c
SHA1

ea4fa43f2c149cf9b7163ca87ac2b086d7a07c28
SHA256

bdffc272e4ffe2bf9c66f4264e844753e058f1a42d467e132e97a2f5d6c6d4cc
SHA512

dfab72fe67057d4b5bb4c2349fae6029811eb08c4e755237a219bb964d6893f36954ddb45c7e5f8d2e1fc4b02388f545a4c399a5c139575da3f8888b693bce60
SSDEEP

98304:wqYStbqeQTwLinzGZWNDIIVRevoigYLF3b+S/6VfdH2DY:NftbSnTNDy/LF3b0fxoY

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff67d737195e164db9f697fcd2cf583c

Files

ff67d737195e164db9f697fcd2cf583c
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 7.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3.6MB - Virtual size: 3.6MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lif
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE