f2977dd19e64e1779576caffbdf35d59d29b1b3d139528fcdb58ccb4d08a8c7c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f2977dd19e64e1779576caffbdf35d59d29b1b3d139528fcdb58ccb4d08a8c7c
Size

1.6MB
MD5

c077fef5161e9714b2ad229754170575
SHA1

016e4ea933c975c219411416cd8bdbce7e6e87e5
SHA256

f2977dd19e64e1779576caffbdf35d59d29b1b3d139528fcdb58ccb4d08a8c7c
SHA512

946ac70185f8397e4b1eaa97ec6c6ee827c49a395ed95352c55f0c6f48004f49be450b2f5c5c481a1e49319a579dedc0dd0d7551f654ff3203080dc95a4b900b
SSDEEP

24576:ybuLR3ltid6U73H8SIGwVzFs3hWpbA6O+E7yBGhzsbzAd:ddil1xWG7iysfAd

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f2977dd19e64e1779576caffbdf35d59d29b1b3d139528fcdb58ccb4d08a8c7c

Files

f2977dd19e64e1779576caffbdf35d59d29b1b3d139528fcdb58ccb4d08a8c7c
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 580KB - Virtual size: 584KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE