04985175487f4a361b91366cdbf596bb8449db7550acc30e097b92de6213a11e | Triage

Sharing

General

Target

04985175487f4a361b91366cdbf596bb8449db7550acc30e097b92de6213a11e
Size

224KB
MD5

2a3b725fd5408df8317649c54afe83f2
SHA1

df4de0aee432c2d8092f2f86c522816f0d11f3f9
SHA256

04985175487f4a361b91366cdbf596bb8449db7550acc30e097b92de6213a11e
SHA512

0dae60fdc6f655fc53fd0fbd31ece5b473eb98c7e57261cc937fa1f1652f01aa6b06953e96c39574861cc04c6432f075626ddb5235d42f9af5769ebf0aca0d49
SSDEEP

3072:42H+nmuxEbAuVVcaLHWjNmrkyG0//iem0tu04KK83xBOtbE0ikIeEa091C2:42HOPaVVAjNmAyfHirj4QtYspELW2

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04985175487f4a361b91366cdbf596bb8449db7550acc30e097b92de6213a11e

Files

04985175487f4a361b91366cdbf596bb8449db7550acc30e097b92de6213a11e
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 43KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vsp
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE