198551f415021ee3686015844f4ccb36c162fc1722ae374d1614a65566ff9ce5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

198551f415021ee3686015844f4ccb36c162fc1722ae374d1614a65566ff9ce5
Size

81KB
MD5

24ea14cafcb091cb8d0b216ffafe0cdc
SHA1

b062d0f7c82949698328ce284ba23753587b40d4
SHA256

198551f415021ee3686015844f4ccb36c162fc1722ae374d1614a65566ff9ce5
SHA512

08d6a2f5107a5eec4692cad820b4721b824c693cf78bb0df59e316fbf361287f67675af431363c123e14e315df2d4b22a884c72b626cd00efb0a128461cc8b82
SSDEEP

768:9pQNwC3BESe4Vqth+0V5vKmyLylze70wi3BEm5:XeT7BVwxfvEFwjR5

Score

10^/10

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
198551f415021ee3686015844f4ccb36c162fc1722ae374d1614a65566ff9ce5

Files

198551f415021ee3686015844f4ccb36c162fc1722ae374d1614a65566ff9ce5
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

gumrkvc
Size: 41KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE