197bcd734f4a45d9cad3659c0c5e5919 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

197bcd734f4a45d9cad3659c0c5e5919
Size

220KB
MD5

197bcd734f4a45d9cad3659c0c5e5919
SHA1

2d87b7c4cd2e0b84f009a1d4286e435e39b794ea
SHA256

192506405ab5367f3cd95132dc497f9af9e133206c6b99be7db58ce23a9a89ac
SHA512

a8d1dfba1136e20b8d0027f85442addd436d779f1013ed4288ba7718a8059e9fe9f67afb7f9b0747f6513da695f17bba69e5edc3beaee37e81e612ed8d9689a6
SSDEEP

6144:47gRq8H18/vXXbR5Ev9e81xTf3lpMjV92x3x3fLJXoS:474q8H1CXbReFe+T/7MjV92xnXoS

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
197bcd734f4a45d9cad3659c0c5e5919

Files

197bcd734f4a45d9cad3659c0c5e5919
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 360KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 213KB - Virtual size: 216KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.MCTeam
Size: 512B - Virtual size: 512B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE