bf863c8f0d8c7476a466edda4ca0fde4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bf863c8f0d8c7476a466edda4ca0fde4
Size

196KB
MD5

bf863c8f0d8c7476a466edda4ca0fde4
SHA1

fe82dafb83c61c3bdf6aa2b8301e9479c88b1a02
SHA256

ab3e8801e226c0de474608f4b8a9022185e641e66ef78c03c51e73f9839f0309
SHA512

6d1d75d1e72d58e2aafa426bf3e1aeb61ef93ab09529dd72145856e0f769aa7d042038689f5a5218b84aaa19a2501a40824a8ad1f2eb75bec45332aafaf3032e
SSDEEP

768:HjEjWydZNHVzXH6aFHl2wQ+xMgmjEjWydZNHVzXy6aFHl2wQ+xMg:HjEjWuHlo/jEjWTHlo

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf863c8f0d8c7476a466edda4ca0fde4

Files

bf863c8f0d8c7476a466edda4ca0fde4
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE