12bd69a4c3e69ca744f38913b911c705 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12bd69a4c3e69ca744f38913b911c705
Size

222KB
MD5

12bd69a4c3e69ca744f38913b911c705
SHA1

23ee5484b34f60331b05a6cd5bd1ff8c37acb90f
SHA256

e33cd6e0eaa9275e2982d5a40c791c34062f5624dbee1c4ce30ca432775df76c
SHA512

fe22b91bb88c48a84704a9aa31934b934232e4385f112db42f6fcb723c40bd21cfca98b9ce1583a45ef37b5406e2f0d65e6db4000e32fe5ab310f0fc1326d6d4
SSDEEP

6144:ETEHv3+1Y1Gs8DBxBsqzdMqWDaay3lFpUxwx:ET6+CwXBx86pUc

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12bd69a4c3e69ca744f38913b911c705

Files

12bd69a4c3e69ca744f38913b911c705
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 2.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE