b19ad2d6450718daf40505e1583d9e3fef136fb1bef3b070bc6e3333a06622dd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b19ad2d6450718daf40505e1583d9e3fef136fb1bef3b070bc6e3333a06622dd
Size

3.0MB
MD5

611c571c052d37b1e878432c7a458e32
SHA1

78aaef30df2b3ef8881f2bbb50508429d7902ad4
SHA256

b19ad2d6450718daf40505e1583d9e3fef136fb1bef3b070bc6e3333a06622dd
SHA512

349f316954dd4e898b2755f0f3ff9028afda3e36b2364f5e1f840dd81cc3e74d08999cb1cc7f63f0eb8098ea693b782b5db10a70fbbe13f4048d6fbe1d40602d
SSDEEP

49152:TPcSoYCUBd50ctF1+yRI6ZbIiJoqUcIW5Q+AymNkM4cn2:VAUBd50kb9XPV5j2NkMh2

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b19ad2d6450718daf40505e1583d9e3fef136fb1bef3b070bc6e3333a06622dd

Files

b19ad2d6450718daf40505e1583d9e3fef136fb1bef3b070bc6e3333a06622dd
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 1000KB - Virtual size: 1000KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE