b61ff7dda84ff7f4709b166de19bc20fe09e81b49eca9f2ddf0f19c847cd5759 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b61ff7dda84ff7f4709b166de19bc20fe09e81b49eca9f2ddf0f19c847cd5759
Size

166KB
MD5

5d30f3d5b784f034ac6b86e38f0b6a9a
SHA1

1cc56a1351e1fdde6d3950a9b9cb77107c6673d3
SHA256

b61ff7dda84ff7f4709b166de19bc20fe09e81b49eca9f2ddf0f19c847cd5759
SHA512

97f9694b590b618579345344a70b2c7c9c1de34314348e806bcd771c76070bfd1ffe7f37cda4367d5ce483fcd4271ed1d19887ffb80c6ad48eec8c95e1e799a1
SSDEEP

3072:SxTqpdA3f6QNf2IPO4DpmWpAsfYbTOBoefYi6a9k20tAvdqkzk6tJ8mkRq:U2pdqfv2IPOGfXf5ovWvdNk6E7q

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b61ff7dda84ff7f4709b166de19bc20fe09e81b49eca9f2ddf0f19c847cd5759

Files

b61ff7dda84ff7f4709b166de19bc20fe09e81b49eca9f2ddf0f19c847cd5759
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE