b4c9203f938f82be0845c2ff9d5d7212699b3f23067d2dd2406da9b2fe835e64 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b4c9203f938f82be0845c2ff9d5d7212699b3f23067d2dd2406da9b2fe835e64
Size

175KB
MD5

5cc7ecd8ebcc1aeb40d8d1a4314a12fe
SHA1

a27b56b0af313ee7e953a80fc77c966b492e4c08
SHA256

b4c9203f938f82be0845c2ff9d5d7212699b3f23067d2dd2406da9b2fe835e64
SHA512

17de21e5b1686bdaf3b8a23162d4079badbb21f72720cbb1c30f0e0562f68e4084cc685e2cc6bbc6f8ff74c64d7f6997f853ce5d2aebebe43c47f9c044cfd19d
SSDEEP

3072:tHPxTqpdA3f6QNf2IPO4DpmWpAsfYbTOBoefYi6a9k20tA3ZPkz13L5ch:t52pdqfv2IPOGfXf5ovWJy136h

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4c9203f938f82be0845c2ff9d5d7212699b3f23067d2dd2406da9b2fe835e64

Files

b4c9203f938f82be0845c2ff9d5d7212699b3f23067d2dd2406da9b2fe835e64
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pb
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE