bfea299bddcc0cde6211fca4c3e3b983 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

bfea299bddcc0cde6211fca4c3e3b983
Size

16KB
MD5

bfea299bddcc0cde6211fca4c3e3b983
SHA1

4f3b96aee3a383a49c03d9258ce10aa8c9317214
SHA256

622540beb54052b0041d1c4807248ea957713b9be015aa67e6cc24d50d1ffd6e
SHA512

64395fc5a70361341d22051cbd34be5b5d1597c44d5f40a15c7d31221e0b15461708e500d88b7a1ecf907ca543f04f6d8dcc2d16dd0aa5adc913719413bc7ff2
SSDEEP

384:wASH1MJEsXsW2WMO+fyF30Z3ZMUL1sXburnW4easm+D:v61MqxXqF30ZSUL1EuISK

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfea299bddcc0cde6211fca4c3e3b983

Files

bfea299bddcc0cde6211fca4c3e3b983
.exe windows:4 windows x86 arch:x86

b46ead522a346c3a0732882852f5cd15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
LoadLibraryA

user32

GetDlgItem

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE