1b7b2b96a578c4e6959f7a9e6e756caf | Triage

Sharing

Copy URL Twitter E-mail

General

Target

1b7b2b96a578c4e6959f7a9e6e756caf
Size

99KB
MD5

1b7b2b96a578c4e6959f7a9e6e756caf
SHA1

8769dae284d61f8cd44cf4aa4e5801344ffa6f6c
SHA256

4d58e55257821453e211023b02c19746aa7888d5dfc439e59b5863046e417543
SHA512

15b88cc865e5c57385f4194d5372a0ad81874cea83ad42726066ff7e79768cb39116253fccca93def79c170284cf4fa959c53e57af3f26ce3fc3871476f945f4
SSDEEP

3072:sr3KcWmjRrzS+kHe6+j4LVgJNVkD+aeGFw://h+cBse+F

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b7b2b96a578c4e6959f7a9e6e756caf

Files

1b7b2b96a578c4e6959f7a9e6e756caf
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE