121a90840b67e3d22beebe764751016e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

121a90840b67e3d22beebe764751016e
Size

16KB
MD5

121a90840b67e3d22beebe764751016e
SHA1

47867eb81164e70dd428f51a72dd89884ab3dc22
SHA256

5f90ed56a4c15e8c69fe94343537a69dc4f6d26fae3ad8305ab07327f4522172
SHA512

b2a0eebf3ef05534f6986c4d6a526b9b6873e80225cc7d5e20143bdd2e2a73ef33fd10760642302d1ad309f468e793e29df9d06e7c84755d59ae12b87267c472
SSDEEP

384:QUDFh63laZCxAtgbL25WUYVK3BhYOlJtzBEBz8:QUDclfxcGH3V2BhFlX6B

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
121a90840b67e3d22beebe764751016e

Files

121a90840b67e3d22beebe764751016e
.exe windows:4 windows x86 arch:x86

7a7803027531302026dedc7b5f6025f2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE