3a191267ba5cacbe5b634aeb605f3f75 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3a191267ba5cacbe5b634aeb605f3f75
Size

201KB
MD5

3a191267ba5cacbe5b634aeb605f3f75
SHA1

d33cb567f439fd2516b03699415118afbbfeae06
SHA256

2c1c7405df14da32070eb059c5d77f826a3e3772ecea52b72b5dc7345d9fbce4
SHA512

786bf3a1912e63fcd38961afae86209d239b525ed80613d596abed534e5906c048f18e4bc99d4ac215fae5d4366addb513019e3678fa6c493976b8f9683df0b3
SSDEEP

3072:83j7UfRKdztbaR2p+cdssVwuqUgpinGXZG5kc7gRe1kXe0d+i/hS:6zwEp+cdssVwuAtBDs1kXe0

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a191267ba5cacbe5b634aeb605f3f75

Files

3a191267ba5cacbe5b634aeb605f3f75
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: 141KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 47KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE