a44c1d1a152576b8f627a3e39a911899c3851f8c080f130fc749f775d10a6fdd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a44c1d1a152576b8f627a3e39a911899c3851f8c080f130fc749f775d10a6fdd
Size

1017KB
MD5

63069fccd7560f08372a788d7ff3a493
SHA1

6cd62408dbd00353a9091a16d0529bccbe82eb3d
SHA256

a44c1d1a152576b8f627a3e39a911899c3851f8c080f130fc749f775d10a6fdd
SHA512

c2d444dbd518b1fa94cf409a3777d6202dc4b89e025ca88b3ede6b7562602e9911be9648c499f692e8fca5742895b581cd95fdc4c1ab347622f68695aaf5af09
SSDEEP

24576:NF1Uu/OfDlEUKWflmTP33GiLmqxrt35E3Mvd:NF1mfU4Uj33i3+d

Score

10^/10

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a44c1d1a152576b8f627a3e39a911899c3851f8c080f130fc749f775d10a6fdd

Files

a44c1d1a152576b8f627a3e39a911899c3851f8c080f130fc749f775d10a6fdd
.exe windows:4 windows x86 arch:x86

7909826cb72884560635663c8951a127

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA

advapi32

OpenProcessToken

user32

ExitWindowsEx

version

GetFileVersionInfoSizeA

ws2_32

WSAStartup

Sections

VHqxTUpa
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IaDsgWGk
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE