6909e71b1db1747a7137c3a2e1823a5ab5e601a40a3acfd0b38fd068898d13d9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6909e71b1db1747a7137c3a2e1823a5ab5e601a40a3acfd0b38fd068898d13d9
Size

81KB
MD5

1978aec2a5338a6a16f78b796aa25d63
SHA1

c7dd6324c71b13bbfc35a996749642697518995b
SHA256

6909e71b1db1747a7137c3a2e1823a5ab5e601a40a3acfd0b38fd068898d13d9
SHA512

8db75a9e925d0fd33d3d97e163486c7c8282d7480bb0e40d688c24906709d6fbfbd7d25a1692c72b835e3e50158b9b4141fd36b0123185ef6287a27bf8eb5dff
SSDEEP

768:9pQNwC3BESe4Vqth+0V5vKmyLylze70wi3BEmD:XeT7BVwxfvEFwjRD

Score

10^/10

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6909e71b1db1747a7137c3a2e1823a5ab5e601a40a3acfd0b38fd068898d13d9

Files

6909e71b1db1747a7137c3a2e1823a5ab5e601a40a3acfd0b38fd068898d13d9
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

gumrkvc
Size: 41KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE