02f14881cd004fbcb1601fd2b0749e47b970f5989d87bbb28343ff3f9f76b999 | Triage

Sharing

General

Target

02f14881cd004fbcb1601fd2b0749e47b970f5989d87bbb28343ff3f9f76b999
Size

667KB
MD5

2a83b86598495d8cfd94e3217cfec986
SHA1

4c46f3907008bbb824a2d3d1e15c13299c954225
SHA256

02f14881cd004fbcb1601fd2b0749e47b970f5989d87bbb28343ff3f9f76b999
SHA512

e4da3b4e642e5feef4a10c47670c9c35fe11a340eef716fdb62bff04119a91c98759f6126b84581099e56896d0e9d64813f81c6e940841083118fbe5124ac05b
SSDEEP

12288:t01/aq8BG+UU61+2BJvsKgxgRg8X9HV/Azf+XADfVkS+y6:kYBG+n2Ldyg19H5ybVj

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02f14881cd004fbcb1601fd2b0749e47b970f5989d87bbb28343ff3f9f76b999

Files

02f14881cd004fbcb1601fd2b0749e47b970f5989d87bbb28343ff3f9f76b999
.exe windows:5 windows x86 arch:x86

7a7803027531302026dedc7b5f6025f2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress

Sections

UPX0
Size: - Virtual size: 208KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 613KB - Virtual size: 616KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE