8f9f2ca0151532af77012e2ba0b92908 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8f9f2ca0151532af77012e2ba0b92908
Size

633KB
MD5

8f9f2ca0151532af77012e2ba0b92908
SHA1

78bd42779d14e3b992607a7bc9e8920196f77ec9
SHA256

d3a961f1e02c1c87e260122484316c158835739a18b0701f67aef8a85886e4e5
SHA512

00eec3e8646da105fe77f9fe44d59a4a21555535eedabe48c93046ac818a190edb80760c6a87a54f1098e44788cfc93871598498820fd42e7911912d63c8b4de
SSDEEP

12288:CzeLDhVxdhE1t6czTXrncIUBq7EkG4R6QV+/1JI:Cz0Dvxo6YXDgB6jGo62L

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8f9f2ca0151532af77012e2ba0b92908

Files

8f9f2ca0151532af77012e2ba0b92908
.exe windows:5 windows x86 arch:x86

820ab24e53af2dbafc74d24f87e40262

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

MessageBoxA

comctl32

InitCommonControls

kernel32

LoadLibraryA
GetProcAddress

Sections

.text
Size: 133KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 36KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 388KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 431KB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE