cf9deccbe3f0a74c70ce6a6095dc80ec4c126ee8d7353215c76972a150eae2fa | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf9deccbe3f0a74c70ce6a6095dc80ec4c126ee8d7353215c76972a150eae2fa
Size

389KB
MD5

c5ff811b1d52e84a4f5ddf0f639eb8e9
SHA1

facc35361bc88ac64f2c121a79cbbe271531e6f9
SHA256

cf9deccbe3f0a74c70ce6a6095dc80ec4c126ee8d7353215c76972a150eae2fa
SHA512

444e28bc58fe8709f57744504076f108944ecd9515d3ede697850c41ea7d4435fe55e3c25139a6785ebdb0e3309d2a65d007d9347839c329c8650f9a6e694717
SSDEEP

6144:/rTfUHeeSKOS9ccFKk3Y9t9YZMPKpdcFZ1+1w2Tjn3R:/n8yN0Mr8ZMnF3MwEjB

Score

10^/10

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf9deccbe3f0a74c70ce6a6095dc80ec4c126ee8d7353215c76972a150eae2fa

Files

cf9deccbe3f0a74c70ce6a6095dc80ec4c126ee8d7353215c76972a150eae2fa
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

FKP0
Size: - Virtual size: 18.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FKP1
Size: 203KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE