bdbcdc1d1ab6f4cc4f12d9235e064876 | Triage

Sharing

General

Target

bdbcdc1d1ab6f4cc4f12d9235e064876
Size

1.8MB
MD5

bdbcdc1d1ab6f4cc4f12d9235e064876
SHA1

d49ef67e675a14042e45546542dad194f8f175ff
SHA256

41053a0ae5b257d5c03ee30a0b9b50763bdd634c7073c1a9f451a1ef70d66a7b
SHA512

f9010f90c7ffb070a19e40195001cbc642042a6a7448453268c19b1586f7d59c02a5ba751b6880c2d090a134668161169611256c44f206b0cc36976950b273b6
SSDEEP

49152:/NWdVm4yJVbFtBQhl/WC16JNZBjLKwhXIvou:/N0VryJRLahlOZNLHIZ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdbcdc1d1ab6f4cc4f12d9235e064876

Files

bdbcdc1d1ab6f4cc4f12d9235e064876
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.btnj
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.s
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gduz
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.e
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fbe
Size: 512B - Virtual size: 4KB