ffad6738bc4e1d4aa0856d8235f49e5493aa6ab06b403ea140500df95db4ab69 | Triage

Sharing

General

Target

ffad6738bc4e1d4aa0856d8235f49e5493aa6ab06b403ea140500df95db4ab69
Size

50KB
MD5

37385e7ce62527794e8488ed1359e268
SHA1

465e7f0fd56ffcd03a54b36b6ebe2bd756ec2d97
SHA256

ffad6738bc4e1d4aa0856d8235f49e5493aa6ab06b403ea140500df95db4ab69
SHA512

ee0a2ae42108aa9caca31d78af1d976bcf9453c46cd19ee90c4f26d547e8cbf937cb04fb58c5aa9c99f4dad95876598fcc568532c3fc9c41c678309f583af277
SSDEEP

768:V7Blpf/FAK65euBT37CPKKQSjSEXBwzEXBw3sgQw58eGkz2rcuesgQw58eGkz2rx:V7Zf/FAxTWD

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ffad6738bc4e1d4aa0856d8235f49e5493aa6ab06b403ea140500df95db4ab69

Files

ffad6738bc4e1d4aa0856d8235f49e5493aa6ab06b403ea140500df95db4ab69
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE