c28812fa2b5c2b03fdfb6f58d042138e517a995b77f5b7c941c8cbd8d8ceed7e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c28812fa2b5c2b03fdfb6f58d042138e517a995b77f5b7c941c8cbd8d8ceed7e
Size

116KB
MD5

3606cd8eb68b623bb70ac87327b06a84
SHA1

3bee7251c4cac8da032b69b079d5e96cdd5516c7
SHA256

c28812fa2b5c2b03fdfb6f58d042138e517a995b77f5b7c941c8cbd8d8ceed7e
SHA512

4d50cfca54fe8445a4d2fb2047e0a4c12a24a4398d45ac7ac99a0925c3b8f55bd5468fc5efbb6588cb6b5d0be2720e64bdafd94ec01d2e38417b913d12063040
SSDEEP

1536:bQ7BH7hEvMGyXlbThBU1mrZ9VYKnufQbbalnouy8CrW:bQ57hyMGy1bUQdvYKnuIXa9outCrW

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c28812fa2b5c2b03fdfb6f58d042138e517a995b77f5b7c941c8cbd8d8ceed7e

Files

c28812fa2b5c2b03fdfb6f58d042138e517a995b77f5b7c941c8cbd8d8ceed7e
.dll windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Exports

Exports

��Ϣ

Sections

UPX0
Size: 77KB - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

SIGN
Size: 512B - Virtual size: 4KB

IMAGE_SCN_MEM_READ

.imports
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE