113e63c40f1c1f634a023ff2e0a7c76ed906912548eabd4070240d7f3f1f1ba7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

113e63c40f1c1f634a023ff2e0a7c76ed906912548eabd4070240d7f3f1f1ba7
Size

457KB
MD5

30d6e29710580a748229532bb271f400
SHA1

9ade8b7f094b1e3bf964014b0b1d452e6444400d
SHA256

113e63c40f1c1f634a023ff2e0a7c76ed906912548eabd4070240d7f3f1f1ba7
SHA512

4190c5a7c9ecf295a07a71d3f3fe789e2b6a5f79ee4973ee29de2ea60dc204ada25632e2c15d0f2ae32bf34ed81031e646bd351e430f748ad14e10d7c766ed79
SSDEEP

6144:9rTfUHeeSKOS9ccFKk3Y9t9YqU9PRWLiFSbE56FORF:9n8yN0Mr8qU9PRWg9

Score

10^/10

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
113e63c40f1c1f634a023ff2e0a7c76ed906912548eabd4070240d7f3f1f1ba7

Files

113e63c40f1c1f634a023ff2e0a7c76ed906912548eabd4070240d7f3f1f1ba7
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

FKP0
Size: - Virtual size: 18.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FKP1
Size: 203KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE