f71ba62364b627b5611c3743327789bd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f71ba62364b627b5611c3743327789bd
Size

2.7MB
MD5

f71ba62364b627b5611c3743327789bd
SHA1

24532f505b3bc1887a1a64518a2a0a004f890e7a
SHA256

26a27cc12b72418e9196659e81a67994cf23af5f19329ff42797df0315454f40
SHA512

722ec9151edd00d5e897849ed6869f2b4b5dbe06176a179f0dad4c1405e18b0d38bbe526fc043f4e07db94e00fb2a19a7b6a95a6403a64200360fc6f9032f796
SSDEEP

49152:jPKA/0D6e+dguve4DJHNH0/NXwuYtXhIOW27k2Py3:jsWetuW4l10qu0SOW2Aay3

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f71ba62364b627b5611c3743327789bd

Files

f71ba62364b627b5611c3743327789bd
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 540KB - Virtual size: 540KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 987KB - Virtual size: 988KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ