985d79a5dd69d1a14d47400168ba2f38a16f8829a95487251e220e8f481aea7b | Triage

Sharing

General

Target

985d79a5dd69d1a14d47400168ba2f38a16f8829a95487251e220e8f481aea7b
Size

58KB
MD5

394b7dd75fd238711baf0345b11037a7
SHA1

0dd33a1f7d419faa67ee16ba1d57ae5181b3f935
SHA256

985d79a5dd69d1a14d47400168ba2f38a16f8829a95487251e220e8f481aea7b
SHA512

78e5a2f65b1cbee47ca2d707f0b5639a566aa0a7c947ef077b81a8be14ca478dd5e6958a11443eefc0a696032a67b54bb840b631958ec5b29cd02ff752e4fa7f
SSDEEP

1536:icdlMrYL/1iRVYUroNyJWZi3JP7rb67L7n1:flxiRVYRyJWZ2+Lr1

Score

10^/10

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
985d79a5dd69d1a14d47400168ba2f38a16f8829a95487251e220e8f481aea7b

Files

985d79a5dd69d1a14d47400168ba2f38a16f8829a95487251e220e8f481aea7b
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

pUNKVNsp
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UzBUtnck
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE