a938fbe40a7a25ea5e3b5fb71bf87e830b606e5896a6c9267ec9dea10c015f9c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a938fbe40a7a25ea5e3b5fb71bf87e830b606e5896a6c9267ec9dea10c015f9c
Size

113KB
MD5

0ad7f3dab12a6d79f55ed9af2459e00f
SHA1

19f2d7fa88df8f64b9daa56ef7ccc68d583fd6d9
SHA256

a938fbe40a7a25ea5e3b5fb71bf87e830b606e5896a6c9267ec9dea10c015f9c
SHA512

2ef24393d9232f1e5d369368ffb6bfbd058d7a0a1e0310008202f0f3d9906f3abb23adb8c4a5e1e45e41cb422bdc781f8d80094ec51ca816e7ec5172cc365895
SSDEEP

1536:67Zf/FAxTWY1++PJHJXA/OsIZL7Zf/FAxTWY1++PJHJXA/OsIZ7:+nyionyiO

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a938fbe40a7a25ea5e3b5fb71bf87e830b606e5896a6c9267ec9dea10c015f9c

Files

a938fbe40a7a25ea5e3b5fb71bf87e830b606e5896a6c9267ec9dea10c015f9c
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE