b7d1287194971ba4dabf883b8d07009c2b2989c46f88e908668b2432c7793828 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7d1287194971ba4dabf883b8d07009c2b2989c46f88e908668b2432c7793828
Size

172KB
MD5

242f107e6ae7d3b2d93c52aa47f04b19
SHA1

e91b8ff285a0e05a361669561eebdbf7a68f89b9
SHA256

b7d1287194971ba4dabf883b8d07009c2b2989c46f88e908668b2432c7793828
SHA512

6f7d6c0a588d36076442d14ba354a03f1686a403f94bcd94e9ec53b13e8319eed59d9cef7812825ac38cb0ce76e904d6816892b97c30278105bcfe24173e09f5
SSDEEP

3072:EmVwRKCzG7wIxY6UT+THFLKcRaTOuNfnn4h1UiGe7r0/yT3:EmVnkG7Rx1Ui7F9RuOO48iJH0q7

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7d1287194971ba4dabf883b8d07009c2b2989c46f88e908668b2432c7793828

Files

b7d1287194971ba4dabf883b8d07009c2b2989c46f88e908668b2432c7793828
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 41KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ