8f70cabee176bf963ba790941833daa3 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f70cabee176bf963ba790941833daa3
Size

57KB
MD5

8f70cabee176bf963ba790941833daa3
SHA1

6a3d4ec2b8392ba42f46f3b7ac200ac2628f9af4
SHA256

290cdbd180147764b26cc786179fa816c1e2ac9e3b53856e2987deb29cd00cdb
SHA512

f892b985470466d791efd4c5e3b5003e8e832eebd6d7d4e18b93efba13a85a7a3ea54fe2a6f66a815489aece4686dcabd82d7fc77a720f67d57a3bf274865d60
SSDEEP

1536:6BERmnouy87OcexiMGdT8zu1qKypJFX/8fM9v1CgSkD:6BERWout7OceMMLaqKyBLvkgP

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f70cabee176bf963ba790941833daa3

Files

8f70cabee176bf963ba790941833daa3
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE