96965e3eac3f69ae8b23c97fc4003e0a8ee09be43e637a6a7482154e4f1117ea | Triage

Sharing

Copy URL Twitter E-mail

General

Target

96965e3eac3f69ae8b23c97fc4003e0a8ee09be43e637a6a7482154e4f1117ea
Size

1.8MB
MD5

3e9fe7b50d481f01a3422714c06679a1
SHA1

d23dee22161ad16cc154c2bb60725393a9cb53bb
SHA256

96965e3eac3f69ae8b23c97fc4003e0a8ee09be43e637a6a7482154e4f1117ea
SHA512

1922821ad850a11d828ca55acb48eecda5931b8c532b8e14cac46c70fd36b89d7116a1b5d66f07fdc903991480b714e9c9e96f8f8928d449a7886b6e3104dbdc
SSDEEP

24576:USeMkya+YDe1PLqbmeTYBvZyutYp/ii3n0bQ2On5E0liPG3:USeMkY1Piwft4yh0m

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
96965e3eac3f69ae8b23c97fc4003e0a8ee09be43e637a6a7482154e4f1117ea

Files

96965e3eac3f69ae8b23c97fc4003e0a8ee09be43e637a6a7482154e4f1117ea
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 996KB - Virtual size: 996KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 840KB - Virtual size: 840KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE