3d1c9d780aff3bfd97056bec0799408304dc4922ff8331dd3a421b09b10006b0 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3d1c9d780aff3bfd97056bec0799408304dc4922ff8331dd3a421b09b10006b0
Size

448KB
MD5

fb34827a04c9c0ed73e3c2d123f9fdff
SHA1

d8042c4ce9f2ba22afd80cc3e537cf82c50d65fe
SHA256

3d1c9d780aff3bfd97056bec0799408304dc4922ff8331dd3a421b09b10006b0
SHA512

9a9a8c28441653a3d9a7209b082d2831157a3393d0f1fe193c5888016ac7eb5298502d27693dfa8cc4baf161eb9311a5a30e948205cc4ea45c2a1cc513e818ce
SSDEEP

768:CpQNwC3BESe4Vqth+0V5vKPyLylze70wi3BEmb:CeT7BVwxfvLFwjRb

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d1c9d780aff3bfd97056bec0799408304dc4922ff8331dd3a421b09b10006b0

Files

3d1c9d780aff3bfd97056bec0799408304dc4922ff8331dd3a421b09b10006b0
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pb
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE