aafb1d0aef9c9a2ed3042ef7a398af1f73558b7c5fbb860756813ec64b78b346 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aafb1d0aef9c9a2ed3042ef7a398af1f73558b7c5fbb860756813ec64b78b346
Size

448KB
MD5

ca67872ef6a55645bdc5acf527e846c2
SHA1

7f36f3f6d4e5128378c687028c217f220e337c86
SHA256

aafb1d0aef9c9a2ed3042ef7a398af1f73558b7c5fbb860756813ec64b78b346
SHA512

63ddab6177db04b923d2d1632ec6b46ca580b117d75a25641d7f2f22957ada47b50d3d39cd26b5f611dd6b73eb6c63cce11acbef4f8fac3936e4b80cd0813d4a
SSDEEP

768:CpQNwC3BESe4Vqth+0V5vKPyLylze70wi3BEm1H:CeT7BVwxfvLFwjR1H

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aafb1d0aef9c9a2ed3042ef7a398af1f73558b7c5fbb860756813ec64b78b346

Files

aafb1d0aef9c9a2ed3042ef7a398af1f73558b7c5fbb860756813ec64b78b346
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pb
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE