0b31ed2065a50261ff115ee240da305273928529d57e465a0bb8681bd99dfeda | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b31ed2065a50261ff115ee240da305273928529d57e465a0bb8681bd99dfeda
Size

173KB
MD5

abd0b04caf6925213c1c4978adb3d2de
SHA1

3fbcd863ce88ce298887b3f5b67d40f1dfffc006
SHA256

0b31ed2065a50261ff115ee240da305273928529d57e465a0bb8681bd99dfeda
SHA512

ac1bda3d726d92d5fd9f639e4e6026374bfff34e0691d307fa85b615fc495a50e56243f11f2072e6fa8cc98446e0833650107ccf0983c999ac2069a8e46001d7
SSDEEP

3072:SxTqpdA3f6QNf2IPO4DpmWpAsfYbTOBoefYi6a9k20tAvdqkzk6t5uYWh115e:U2pdqfv2IPOGfXf5ovWvdNk6rrWh5e

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b31ed2065a50261ff115ee240da305273928529d57e465a0bb8681bd99dfeda

Files

0b31ed2065a50261ff115ee240da305273928529d57e465a0bb8681bd99dfeda
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE