General
-
Target
d4feb41099f1f0deb472b348a3f528aa
-
Size
1.3MB
-
MD5
d4feb41099f1f0deb472b348a3f528aa
-
SHA1
b55168cd3af1cdde280b09e06d19b4fffa8fb95b
-
SHA256
7a8c2f54f45b6ba5001330417a0f3f2cbab3b23d6ba616354efbf4246c168fca
-
SHA512
afed9da688835666c7bb2c483a4ebfb861dd74e6d00212580f5f2db14d2ced4c459151845124a9174ec1b144a0f07b10d82def54b1623ca4dc835f0a7cc66975
-
SSDEEP
24576:i95ooKw0UYoVJ5jbUVlAUGwNbwPWnuCXnw8I6TvvtBJ+d9pu80roJvKeSWta3t4v:4WoKw0UYiJ5jbo5GqbwPWnuCXnbRTHtW
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource d4feb41099f1f0deb472b348a3f528aa
Files
-
d4feb41099f1f0deb472b348a3f528aa.exe windows:4 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 1.3MB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 1.3MB - Virtual size: 1.3MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX2 Size: 512B - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE