0144f8326d5d72ac6df42c7a56231963 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0144f8326d5d72ac6df42c7a56231963
Size

353KB
MD5

0144f8326d5d72ac6df42c7a56231963
SHA1

386827fc82a768e82472a01928e3c7e5c19a5124
SHA256

36b795c9da348809f265c16da9382a4d994be30479b69edff37de957b65bd63d
SHA512

f6b944ddefd938900978d523d77d56728a8f824043c66bbfbad7c0421ac2ce301355fd248e34951155315cb6893ccc77b460760a7ed184b8ed18be718044a7f3
SSDEEP

6144:GlZ/zUMu4pDSxsCMRzf7x3SfS1JAzXBtL76lP/Jc7:GHLUMuiv9RgfSjAzRty

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0144f8326d5d72ac6df42c7a56231963

Files

0144f8326d5d72ac6df42c7a56231963
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 440KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 253KB - Virtual size: 256KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.GUPX1
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE