9a11f8493081f00c7abcc222a2158bd5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9a11f8493081f00c7abcc222a2158bd5
Size

6.6MB
MD5

9a11f8493081f00c7abcc222a2158bd5
SHA1

184d900e42d76db3fb2784821c5107cbaaa22493
SHA256

a28e156ca1e86a29765858bf84a70fcd05b32e1b84a52e1e2a4299b3675f594a
SHA512

8ad11d983b1113f4770268f90db96bd034ea8a4573da1f674c5f10d979353cf98bd13807edcd65918e0bece2767d1793b0b90ff9e5f60b69f125f873f09f6aab
SSDEEP

98304:dE35E/E35EtE35EAE35EiE35EzE35EzE35EBE35E5E35EiE35EQE35EEE35EyE3C:p

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9a11f8493081f00c7abcc222a2158bd5

Files

9a11f8493081f00c7abcc222a2158bd5
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 472KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 264KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bldvar
Size: 38KB - Virtual size: 196KB

BSS
Size: 12KB - Virtual size: 192KB