4d560df5a5fd310864abe3eda64d03e8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4d560df5a5fd310864abe3eda64d03e8
Size

79KB
MD5

4d560df5a5fd310864abe3eda64d03e8
SHA1

9586fa203dbae1d7a084ab18af6fa9e1a8814d55
SHA256

c82279bf060528eb00ef14f3d7d80c189e7fdc2743c064ae03f6bf0fce67efcd
SHA512

fcb114e12b70929ec8196b28035b670a3a424d72e8b0d46063aa9afe4628d4b4dd4a2bac5dc8f007d52fcc0cd23c2c66558928c9582f9c28cb68d06d038d105a
SSDEEP

384:0XUFh1MD3r74dqjuuqjukqjugV6DYDCDP:0XUQ3YqrqvqODYDCDP

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4d560df5a5fd310864abe3eda64d03e8

Files

4d560df5a5fd310864abe3eda64d03e8
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE