3fd0f957eb02fc2cbb78da3090b9c7df | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3fd0f957eb02fc2cbb78da3090b9c7df
Size

7.9MB
MD5

3fd0f957eb02fc2cbb78da3090b9c7df
SHA1

2a79c1f6a3c02d49590a981b8821e971a95f5afd
SHA256

42390bc791ae0eb3c292f7ed229677c83541a2266d55df59f3df0c12c3e046be
SHA512

3cc84f1ff880c4e60e78d343dc4fb6981ea76368ce866367302e10891f2ffa7bd49e7b2bb3b484d95786fa4df182e27a2dd53c60426c2a8734b2c1b8c419bad4
SSDEEP

196608:L1ixdNjDc8sbq6vmamwLKbzLNeIx9MFNIs625G5XCf1:ZixXjfQq+mamwLKbzLAIxiIs6Q1

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3fd0f957eb02fc2cbb78da3090b9c7df

Files

3fd0f957eb02fc2cbb78da3090b9c7df
.exe windows:8 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 484KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 934KB - Virtual size: 936KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ