04382a6392123d7695f1dc366b6b5b17 | Triage

Sharing

General

Target

04382a6392123d7695f1dc366b6b5b17
Size

147KB
MD5

04382a6392123d7695f1dc366b6b5b17
SHA1

303c1c0275b68462792c6a1d09291013d206a4f0
SHA256

7de749de564aef57bfd4f5d23e9f7b7615861bef17cf482ea875e9d2de53b187
SHA512

6f1b188f3bd7e0484b763c81da7d976e8fd1d53f638dc77a9521ca378d031aaa0ecfe47afaadf1e05c32110367f2126b7bc0732b1f7274e0a42de42d0f8eb7e9
SSDEEP

3072:yd5zAXrmbOzJnTb5PiiTJAFQilqW9Cx20ItfPzBo2fIWsv8Do++Pe+oDoEZaLoNa:sAXr7nh7JmJlqcztVzfsEt+PhoDoyaEv

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04382a6392123d7695f1dc366b6b5b17

Files

04382a6392123d7695f1dc366b6b5b17
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 204KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 143KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE