9b068a7cde4f28864da4f90b8a8f10ed | Triage

Sharing

General

Target

9b068a7cde4f28864da4f90b8a8f10ed
Size

195KB
MD5

9b068a7cde4f28864da4f90b8a8f10ed
SHA1

89860fae129545d829efe56858f58c809a3b7133
SHA256

c1b674abb7e0ad88c75adc904d4a727832f3446e208ee49fda1fa6b35c11c916
SHA512

5c5687428e403cfe1e45d61977650fdafa863c58a972c9859402402192c0b4ddff016ea22c92d22608493bb2cd81ff419187b258aa6e5bfe102e91dd3907d88b
SSDEEP

6144:85U5oyd8iKJOa2azm8douS86OaJ/xrRa/aJNC:85UGy2iK5zm86+6p/C/wC

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9b068a7cde4f28864da4f90b8a8f10ed

Files

9b068a7cde4f28864da4f90b8a8f10ed
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 312KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 190KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

ExeS
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE