df9e3bcda95b6d7a9c2722e85a070d08 | Triage

Sharing

General

Target

df9e3bcda95b6d7a9c2722e85a070d08
Size

123KB
MD5

df9e3bcda95b6d7a9c2722e85a070d08
SHA1

c02d6bdabe91f0d08ebc9f888118ad120b8fe9c3
SHA256

40d5d9b19db13f15af23f2d30c30a37b04bb796c006ad89c830ea172456f8426
SHA512

af9f7d9eb688ceab0acd51ed370ea28bd6f212666c25abdb36a7d84d4f71c28f982165e23634b03f0826b3eebb62d7b94d66f4a09361d4d204bb9ddb7cc85c98
SSDEEP

3072:OeSQ41MZrrOwzrq5Ss9eYfphfFQkUcot3EpeBWLLIvkU:OVYrJrOSsRwcpM

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df9e3bcda95b6d7a9c2722e85a070d08

Files

df9e3bcda95b6d7a9c2722e85a070d08
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 107KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

42vab535
Size: 62B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

oqvrztrg
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ