4f7294326243bb2a4919b256a55ccc62d25994cb30fd12e3346b8e9b4220bf41 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4f7294326243bb2a4919b256a55ccc62d25994cb30fd12e3346b8e9b4220bf41
Size

634KB
MD5

4200d5b3dcf1571b8f084827009d0570
SHA1

5fb56ac9c9206ea96f8210b5f9cb9590cffc2cdf
SHA256

4f7294326243bb2a4919b256a55ccc62d25994cb30fd12e3346b8e9b4220bf41
SHA512

f578182428bbc64be800ee9588865ec6acae37dc8561bd8568fa60a0a7edc5a41ad4ca282725c54a594e295ed3fcb46dbeffc226dc7828ea54892cab3cd4efef
SSDEEP

6144:IooZIFH5nrz1gL5pRTMTTjMkId/BynSx7dEe6XwzRaktNP08NhKs39zo43fTtl1C:ISF1/1gL5pRTcAkS/3hzN8qE43fm78VW

Score

10^/10

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4f7294326243bb2a4919b256a55ccc62d25994cb30fd12e3346b8e9b4220bf41

Files

4f7294326243bb2a4919b256a55ccc62d25994cb30fd12e3346b8e9b4220bf41
.exe windows:4 windows x86 arch:x86

7909826cb72884560635663c8951a127

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetModuleHandleA
LoadLibraryA

advapi32

OpenProcessToken

user32

ExitWindowsEx

version

GetFileVersionInfoSizeA

ws2_32

WSAStartup

Sections

VHqxTUpa
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IaDsgWGk
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE