bfc21c49c19a898c9fd39001e721c03634ebd0fb7a800170e20a74f61177164e | Triage

Sharing

General

Target

bfc21c49c19a898c9fd39001e721c03634ebd0fb7a800170e20a74f61177164e
Size

216KB
MD5

49a21a87f5b39acab9a20a104f02e7b6
SHA1

4672aee46df932707920206e0b291ada977c124f
SHA256

bfc21c49c19a898c9fd39001e721c03634ebd0fb7a800170e20a74f61177164e
SHA512

072d1c4de957d93255ed81ffc10031fcf5110e40306d6dd9c7cba30920cf16c1edd0724b8c19dcff65ed043eb45823a04cdaf30c5e84cf4419622d5d4a757690
SSDEEP

3072:SPUHpiKT2t2UHIu05W7SAFJJOUD9cckiKop97f3r8n9t9Ygntw+:/rTfUHeeSKOS9ccFKk3Y9t9YZ+

Score

10^/10

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bfc21c49c19a898c9fd39001e721c03634ebd0fb7a800170e20a74f61177164e

Files

bfc21c49c19a898c9fd39001e721c03634ebd0fb7a800170e20a74f61177164e
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

FKP0
Size: - Virtual size: 18.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FKP1
Size: 203KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE