a2e609088267ecd1b8ee5a7b43251d7cc40476c8e40286eb79ec2de2b2a05354 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a2e609088267ecd1b8ee5a7b43251d7cc40476c8e40286eb79ec2de2b2a05354
Size

180KB
MD5

a452ae82fd1cf4575d8440e9f8d9b016
SHA1

71ba0b980f27389a9a952113c8b287575bc96dcf
SHA256

a2e609088267ecd1b8ee5a7b43251d7cc40476c8e40286eb79ec2de2b2a05354
SHA512

8cea3ef0de2c71676ad8458af9d5c4fdb5aa745eb27ab2226d1a806e1449bb7758a1ed81e5a58ca95e905b394299df14f2ad7dde433e86e1558e41220ed5982c
SSDEEP

3072:AhOmTsF93UYfwC6GIoutQ6M/Fpi8rY9AABa1YRMxgRP5ZXuxE:Acm4FmowdHoSCddWhR/Z+C

Score

10^/10

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2e609088267ecd1b8ee5a7b43251d7cc40476c8e40286eb79ec2de2b2a05354

Files

a2e609088267ecd1b8ee5a7b43251d7cc40476c8e40286eb79ec2de2b2a05354
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.rsrc
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.pdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ