c9b5ff63e4a8916f1510a5dfc372b118a323aa01b202829e8c814f4de041eff7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c9b5ff63e4a8916f1510a5dfc372b118a323aa01b202829e8c814f4de041eff7
Size

122KB
MD5

969045dd4f87938feeb4ff5c649b3148
SHA1

0d93d099209eba8f462be4626992cf8dbca73b29
SHA256

c9b5ff63e4a8916f1510a5dfc372b118a323aa01b202829e8c814f4de041eff7
SHA512

12569a1e184b4021e1c272ee9527a5ed445e9b8b7cc588748913941b997b88b61eb991e19789badf97f315a444d3b0f77f7497fb97b83e0abe51a6dbb07110ea
SSDEEP

1536:lvm1Fu8AjYaFwjRUdW7fmyY7aZYJVmy0KQbj6vbjuKoauGi44:6u8ANCUdgfmD7zey0KUj6TjR9i44

Score

10^/10

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c9b5ff63e4a8916f1510a5dfc372b118a323aa01b202829e8c814f4de041eff7

Files

c9b5ff63e4a8916f1510a5dfc372b118a323aa01b202829e8c814f4de041eff7
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.reloc
Size: - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ