7a23bf561ae8edcdc006a57b4581f362558afc06ef151bce58ca58ae093d1464 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7a23bf561ae8edcdc006a57b4581f362558afc06ef151bce58ca58ae093d1464
Size

6.1MB
MD5

c41cfaf88802108974cbe300a1e394f5
SHA1

39f9921c5c6fbee62a9a343831f165f0233a3c94
SHA256

7a23bf561ae8edcdc006a57b4581f362558afc06ef151bce58ca58ae093d1464
SHA512

9fe4f6894aaf4ad758a73d41fbe8aaa1cab7f48cae745241a4ccf35d14b50af8a21429f4eb828fe5c0b6d0053b4e6d2fb635b546f39488a0c99b5248e7426d98
SSDEEP

196608:BZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZZ/:5

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7a23bf561ae8edcdc006a57b4581f362558afc06ef151bce58ca58ae093d1464

Files

7a23bf561ae8edcdc006a57b4581f362558afc06ef151bce58ca58ae093d1464
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 80KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE