1da201c70a9f0e416cb0bcb07e1f4f7ea2c339df8d22b2a22f40fdfb74c7edad | Triage

Sharing

General

Target

1da201c70a9f0e416cb0bcb07e1f4f7ea2c339df8d22b2a22f40fdfb74c7edad
Size

128KB
MD5

ff15c1ae6eca8c9853dd699cf7a192fb
SHA1

15c3acde3a00d946941100c5b5ce6bf5521abbde
SHA256

1da201c70a9f0e416cb0bcb07e1f4f7ea2c339df8d22b2a22f40fdfb74c7edad
SHA512

6a98db0c378593de2129ee5c52bda6a00b5ef315efba18b6c2bf8a42e0c6c4f4daf3b8911e21b18fcfd95d7dc83e542e5cc548ea0d830b5bd25f9323d09ccdcb
SSDEEP

1536:V7Zf/FAxTWxOmO/fxRfxykK3ZUkK3ZKYF6ATW8OmO/fxRfxykK3ZUkK3ZKYF6n:fny+Tuf7fs63Tuf7fs6K

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1da201c70a9f0e416cb0bcb07e1f4f7ea2c339df8d22b2a22f40fdfb74c7edad

Files

1da201c70a9f0e416cb0bcb07e1f4f7ea2c339df8d22b2a22f40fdfb74c7edad
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE