1a41c14e69baaa94051ded69d3158e6a3d9593f2b4e561bba450f0020d5d6c90 | Triage

Sharing

General

Target

1a41c14e69baaa94051ded69d3158e6a3d9593f2b4e561bba450f0020d5d6c90
Size

93KB
MD5

fdf530a4a90ddeae2635625928c8258a
SHA1

3165fbc893280b6e96df8ab09ca65060572362e7
SHA256

1a41c14e69baaa94051ded69d3158e6a3d9593f2b4e561bba450f0020d5d6c90
SHA512

2b4f5166a4a218acb867f0e9b393f0d52dae399fe0fc9ff5c317e78e6d559a62d5710e6e6596251f05b5d845aa51e3a7c324905e5fc4b3d956d57b9736bcaf33
SSDEEP

1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8zxY:fnyiQSop

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a41c14e69baaa94051ded69d3158e6a3d9593f2b4e561bba450f0020d5d6c90

Files

1a41c14e69baaa94051ded69d3158e6a3d9593f2b4e561bba450f0020d5d6c90
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE