bf7d9a59bd2bc1d4c0714213ad2c57e1 | Triage

Sharing

General

Target

bf7d9a59bd2bc1d4c0714213ad2c57e1
Size

7KB
MD5

bf7d9a59bd2bc1d4c0714213ad2c57e1
SHA1

90b07c7718b3f9a720071a8b7322755e72c5f9db
SHA256

c7f1006ed07c671b1d1dffc937bd68cc577d6fae83984648fcafab02056439d7
SHA512

c35f24b8971111ab2c7d2e6a79029643da9f649d0834ab3b883b8112b164c262b6ae8fe1b07bff98a9aac2cb75d19a38d0b482548ddd7acc71daa7c13a1b4288
SSDEEP

96:ls5rzg9k+pRWvF29LcSEPgVDu7fISwZRRxcWkjkzzQxRs/DQqk7T/0OGrGRwHP:Gpg9HpRWdoCPgk7gS2RRxyjlicDT/a

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf7d9a59bd2bc1d4c0714213ad2c57e1

Files

bf7d9a59bd2bc1d4c0714213ad2c57e1
.exe windows:4 windows x86 arch:x86

b46ead522a346c3a0732882852f5cd15

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA

user32

GetDlgItem

Sections

UPX0
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE