cf67abfbe6eef8ff0a6934612533a9a0935a288e7c4226391b5ff6ebb4611aed | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf67abfbe6eef8ff0a6934612533a9a0935a288e7c4226391b5ff6ebb4611aed
Size

1.3MB
MD5

3fa148c95f9733a9f27d90c2fda1f223
SHA1

54e773369d2878836bae3093b3bcfd05b72c1131
SHA256

cf67abfbe6eef8ff0a6934612533a9a0935a288e7c4226391b5ff6ebb4611aed
SHA512

ba1132f31b71fc81807f3bd72c75d8f9e09ce683c6996751a130ad8a86a6cf73f5a3bded953e562140b6b2aa39e7c50d557fa0354d1d52abf5efea11733d60bf
SSDEEP

24576:I0aCQJOgkLzMIwC8QKTS1LQlAn9L5jTkLgXbs4boglG49q8qLUJK:IAQJOA8DnFxXb95lG49mLU

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf67abfbe6eef8ff0a6934612533a9a0935a288e7c4226391b5ff6ebb4611aed

Files

cf67abfbe6eef8ff0a6934612533a9a0935a288e7c4226391b5ff6ebb4611aed
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 972KB - Virtual size: 972KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 368KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ssas23
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE