350dcc1b5ece052a005eedb4f6c5ff88dc941654f8e749e5d61bae6f28359dc2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

350dcc1b5ece052a005eedb4f6c5ff88dc941654f8e749e5d61bae6f28359dc2
Size

11.8MB
MD5

cec9d97e8046c7dd4f6823856bcd4423
SHA1

18bcafa32cf64d74de8857676ff2bef41b15a81a
SHA256

350dcc1b5ece052a005eedb4f6c5ff88dc941654f8e749e5d61bae6f28359dc2
SHA512

d755bd61f08c489c7828161c7ca9a71e1892cb303aa6b4d4066b205b5547cea6cfc3195216cc4501dafcc84ce5c1a0474ba1295cbb1d4253887c6187aae6bd3d
SSDEEP

196608:X0wQ/JvDBLwfMbUdlFOdBjLTYsFZli1P2R4ee1QHSZnHe+mzjQPjmp:9QBvDBsfMb+lAdRF7i1P2RrGbZnpmzsP

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
350dcc1b5ece052a005eedb4f6c5ff88dc941654f8e749e5d61bae6f28359dc2

Files

350dcc1b5ece052a005eedb4f6c5ff88dc941654f8e749e5d61bae6f28359dc2
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 10.5MB - Virtual size: 10.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE