a799bbcd46743b257fd739bd5722aab03e008d385f145c5aac173a456b681d3a | Triage

Sharing

General

Target

a799bbcd46743b257fd739bd5722aab03e008d385f145c5aac173a456b681d3a
Size

127KB
MD5

1957e5eb8e9008cc2730a10ae0909981
SHA1

8190765d383a35990faa020723a2aa683f9fd4a2
SHA256

a799bbcd46743b257fd739bd5722aab03e008d385f145c5aac173a456b681d3a
SHA512

e19a382aea4ae3088cbc386dbb09667806602395a5ddb2e2a16cd4cc06ffd6fd5f00213833c8f754f8e2e1ee85e26f60fb8623dc6ae8ab43e1ed0c51d314d5be
SSDEEP

3072:lOjWuyt0ZHqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPL:lIH9OKofHfHTXQLzgvnzHPowYbvrjD/O

Score

10^/10

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a799bbcd46743b257fd739bd5722aab03e008d385f145c5aac173a456b681d3a

Files

a799bbcd46743b257fd739bd5722aab03e008d385f145c5aac173a456b681d3a
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

2046wcuq
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2w61ulkk
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

2h16mjhv
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE