ef4eab341b32a37652d0daf6eb2c28ab58fcc9a39eed03c9df0541689dbb9e2d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef4eab341b32a37652d0daf6eb2c28ab58fcc9a39eed03c9df0541689dbb9e2d
Size

86KB
MD5

a86a059fd45510620c0c809ac6e527fd
SHA1

7c74f7d9e5d82dc360cd5ae8bbdf4ac5adb9ea66
SHA256

ef4eab341b32a37652d0daf6eb2c28ab58fcc9a39eed03c9df0541689dbb9e2d
SHA512

65067a1d1cf973211e81f6a68ef853e8efe0e089523525c5f578bc1464dcdbbc34cdae35ce5b0b4d7d61c34ed28bea54709db0a690659e5d3383f3f3ef5c1a5d
SSDEEP

1536:yr3Z5IfQmv81a7pP1xF3yX2tM/jTEwwwEiiiixMkMMMMF:WJOfQm01q9X3yX2q/jTJu

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef4eab341b32a37652d0daf6eb2c28ab58fcc9a39eed03c9df0541689dbb9e2d

Files

ef4eab341b32a37652d0daf6eb2c28ab58fcc9a39eed03c9df0541689dbb9e2d
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE