199d7c884e3d41818947076deaf9ffbd14675449f0a9869174637fa8dd5e2e20 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

199d7c884e3d41818947076deaf9ffbd14675449f0a9869174637fa8dd5e2e20
Size

57KB
MD5

4ff2cf04b489344695e20588ad850b6d
SHA1

5098729a584d3cc60bcccd5ef42f80fb2148521c
SHA256

199d7c884e3d41818947076deaf9ffbd14675449f0a9869174637fa8dd5e2e20
SHA512

3ca6f71d284d37592c4a45c85533cd05f8f45d539e2caa2224f25d62ac6f84616a38d84df3052c8d6dc96bbb2a73bba49009195b33415201e8bd405e7977636f
SSDEEP

768:V7Blpf/FAK65euBT37CPKKQSjyJJcbQbf1Oti1JGBQOOiQJhATBpJ0smj2:V7Zf/FAxTWoJJZENTBp3

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
199d7c884e3d41818947076deaf9ffbd14675449f0a9869174637fa8dd5e2e20

Files

199d7c884e3d41818947076deaf9ffbd14675449f0a9869174637fa8dd5e2e20
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE