aa57c0b97bab57d76fb93fc41dbb435696b40b1b39b2d221c4a2844cf2248da6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa57c0b97bab57d76fb93fc41dbb435696b40b1b39b2d221c4a2844cf2248da6
Size

127KB
MD5

952035776f518f27d26bd0b1b114be25
SHA1

ef466a9d586e4d9025dc6d4ad164533f7f646625
SHA256

aa57c0b97bab57d76fb93fc41dbb435696b40b1b39b2d221c4a2844cf2248da6
SHA512

2786ff68822dc5a99722c1894c74c63e9a7b1dacb9af3ef6f8ed6f86ff6956dde3022604d428121f40d693665cc41d6603cf6fd6d9f8bc09baed2b3ac9cd564f
SSDEEP

3072:oOjWuyt0ZHqsXOKofHfHTXQLzgvnzHPowYbvrjD/L7QPbg/Dr0T3rnXLHf7zjPPL:oIH9OKofHfHTXQLzgvnzHPowYbvrjD/O

Score

10^/10

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa57c0b97bab57d76fb93fc41dbb435696b40b1b39b2d221c4a2844cf2248da6

Files

aa57c0b97bab57d76fb93fc41dbb435696b40b1b39b2d221c4a2844cf2248da6
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

g493vijn
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

174vmjhz
Size: 39KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

1802gdiv
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE