664ecff24ac477d0b968efc318eed5ad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

664ecff24ac477d0b968efc318eed5ad
Size

14KB
MD5

664ecff24ac477d0b968efc318eed5ad
SHA1

95d67b4e0f8bcf8934c6c4cd45cd6380c96f8aae
SHA256

e0b6833a51629fa7f4de5586b1ae69ddb60c3fc89cb8e9c9a0cf201803d6a8fd
SHA512

1540774e89d640fd3f25200a4856b4f59654aa9c86380ddb90659f865987790e4c7073deec7d7d667bcb2087c5c2f87c63d2d44b0811cc8ebf9e462137f65e98
SSDEEP

384:O/ypQr0nGWe2Mo7Q3PlweUIWQZyuX0DSvDOv:O/ypQr0nGWeJJUB49X0DSvyv

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
664ecff24ac477d0b968efc318eed5ad

Files

664ecff24ac477d0b968efc318eed5ad
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

UPX3
Size: 8KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE