40507ac4576be44925f184192030aa0b | Triage

Sharing

General

Target

40507ac4576be44925f184192030aa0b
Size

18KB
MD5

40507ac4576be44925f184192030aa0b
SHA1

cb463e276ed5a22db40523baf0a1386fde98948c
SHA256

0c0e647c55692c2a5a6a1320bed83117568e75244c8bf997daf67f225a0b4fa8
SHA512

cf6922000a2bb1753c99eeef03852d74c3bcec14b700b2fd2e619390666384611637bcebc966ecc0674ff2cab423ba3bc12ffb8986357b44685aefc38dff3b16
SSDEEP

96:k6bWvhzZFNYgQPHQErXkKE+pPRNlOQ5zjnFSW4QYz6b:g5zZFNl4wErFPRNlBF8QYz6b

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
40507ac4576be44925f184192030aa0b

Files

40507ac4576be44925f184192030aa0b
.exe windows:4 windows x86 arch:x86

bfe443509f8fd7c03204411adcfc2b1f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TerminateProcess
GetProcAddress
LoadLibraryA
OpenProcess

advapi32

CloseServiceHandle
EnumServicesStatusA
ControlService
OpenServiceA
DeleteService
OpenSCManagerA

msvcrt

strcat
tolower
strlen
strcpy
strncmp
memset
malloc
_exit
_XcptFilter
exit
__p___initenv
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_except_handler3
_controlfp

Sections

UPX0
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avp
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE