98a4b5ca72cc43920ddfa13d6e70c5fd9bdb077fa03efc0a7df0a05c5ef1f884 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

98a4b5ca72cc43920ddfa13d6e70c5fd9bdb077fa03efc0a7df0a05c5ef1f884
Size

657KB
MD5

abf89865a984f6b67fbb982a73e92fc1
SHA1

3cc4bc4f18143bfc0545650e0c132a9cb9de95d6
SHA256

98a4b5ca72cc43920ddfa13d6e70c5fd9bdb077fa03efc0a7df0a05c5ef1f884
SHA512

2c82468e69d8630696f4aefe083890eb828dc9e6d1245dc43eac5348ae1a8a358415484d285186dfc02be7f9db329fd1fa5f29e290f38de41b3ce1d939e3b0e8
SSDEEP

6144:YhbZ5hMTNFf8LAurlEzAX7oEwfSZ4sXUzQI6FTBDcTd9hCovEYmR:2tXMzqrllX73wfEI6hBDVR

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
98a4b5ca72cc43920ddfa13d6e70c5fd9bdb077fa03efc0a7df0a05c5ef1f884

Files

98a4b5ca72cc43920ddfa13d6e70c5fd9bdb077fa03efc0a7df0a05c5ef1f884
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE