3dd14f2e4ff8b17b94f17b9beccfe752cec6b8ffd1866146ba3fcd0244af4066 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3dd14f2e4ff8b17b94f17b9beccfe752cec6b8ffd1866146ba3fcd0244af4066
Size

1.3MB
MD5

36bc9955c7821f8fef1e3316616d9443
SHA1

00499f63643823ad3baf547b50f0070a2a348972
SHA256

3dd14f2e4ff8b17b94f17b9beccfe752cec6b8ffd1866146ba3fcd0244af4066
SHA512

f91c5c0d946f6e4155e0e4b095aec0f6f21f1e31ef5b2efd919a9f633697e7ca0c68cff2fc51f10f96fe567353567a3a11de4e47e4067a502f28c605e3c39e5c
SSDEEP

24576:I0aCQJOgkLzMIwC8QKTS1LQlAn9L5jTkLgXbs4boglG49q8qLUJK:IAQJOA8DnFxXb95lG49mLU

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dd14f2e4ff8b17b94f17b9beccfe752cec6b8ffd1866146ba3fcd0244af4066

Files

3dd14f2e4ff8b17b94f17b9beccfe752cec6b8ffd1866146ba3fcd0244af4066
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 972KB - Virtual size: 972KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 368KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ssas23
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE