197b7a844333960f2828dc4e356590f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

197b7a844333960f2828dc4e356590f4
Size

106KB
MD5

197b7a844333960f2828dc4e356590f4
SHA1

290a1d4f6e5ee149b97a1144bd7d75932287f0ec
SHA256

9e23777e36ecd2f6c0ee8c9d43b357a857bba7d1d9b28c01b2fea03ecc722bdf
SHA512

2ca46f32c41642ea3e23d9f8fcba7a7dcef63adc9981714c141e6f1728869772a34a3f4f6af71cddce708aa865189deb2ed78ef1fb9dd2a6d9da0988850325cb
SSDEEP

3072:fS+3APqQoHKtsyaCcIt/omE+CzsTudhbKIN/:q+wSNTLA++zT+hbK2

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
197b7a844333960f2828dc4e356590f4

Files

197b7a844333960f2828dc4e356590f4
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 304KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 101KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

stalin
Size: 52B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE