a4660228941e87ff2a0a9333cc73ae3584762548708c9d83a0fef75ff89a185f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a4660228941e87ff2a0a9333cc73ae3584762548708c9d83a0fef75ff89a185f
Size

479KB
MD5

c67fe9905d644cb4c929ba4af33a21f8
SHA1

562f724221fce5aaced1917f2ce3d0eb8fb466b6
SHA256

a4660228941e87ff2a0a9333cc73ae3584762548708c9d83a0fef75ff89a185f
SHA512

94a65e7a20c4d57526803fc44b94ce2bcac87ff0e34fdf40a36119e469c5ef2f44b0a607ce7f11eb52d8a0d895147a817ebb99c7142d1f3ce329b3050543c5f9
SSDEEP

6144:l63+NDdL0yqu5uPBhLRjpML0KYj3NAilJ0FcmjU4:I+HAJ3PBh9jkK3NAi/0FceT

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a4660228941e87ff2a0a9333cc73ae3584762548708c9d83a0fef75ff89a185f

Files

a4660228941e87ff2a0a9333cc73ae3584762548708c9d83a0fef75ff89a185f
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

camzt
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxda
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 242KB - Virtual size: 241KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE