4d0bda35f0697308557472d97257ef3c | Triage

Sharing

General

Target

4d0bda35f0697308557472d97257ef3c
Size

196KB
MD5

4d0bda35f0697308557472d97257ef3c
SHA1

0776436f99e8571791dc7d4ce2453e1ef36313ac
SHA256

bbc95b8f345f8a7ba73e21e1db4f33801751f08a20b451e8255159daa5555ea1
SHA512

dff7845d58f6195ea36067b16c80ec4e75bf5fe0729aa266f20c354e2fba60cf9c116326ce0cd874b0d248199e02cc2d55d58eb72e40c3ca0a5ac9594bf1f042
SSDEEP

768:QjEjWydZNHVzXU6aFHl2wQ+xMgmjEjWydZNHVzXy6aFHl2wQ+xMg:QjEjWlHlo/jEjWTHlo

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d0bda35f0697308557472d97257ef3c

Files

4d0bda35f0697308557472d97257ef3c
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE