b7421ae2829b91a1d4b449621aeaa543e3e7d1fa5d708ebca17fe44f35cfe3ff | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b7421ae2829b91a1d4b449621aeaa543e3e7d1fa5d708ebca17fe44f35cfe3ff
Size

320KB
MD5

4d1f90304b86ea2b6ea65925b9e9b58a
SHA1

3e9049948825c831f3d546b0588d3856b7c2c67e
SHA256

b7421ae2829b91a1d4b449621aeaa543e3e7d1fa5d708ebca17fe44f35cfe3ff
SHA512

a7cdb776492e0dc7f3fd2df3b3f931a249763846feedc2c04892e5ba5f9dff4aabf244725b064d580d09873297e75d1541db2aaf89d7a0717ae78e0606294194
SSDEEP

384:IcgHm8SIBswruHcQbKs+ySJXht262z83hVbXS+HvmshNGUI4zB:yHuIiwa8Qb7+y+b2z83h5HOshN9

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b7421ae2829b91a1d4b449621aeaa543e3e7d1fa5d708ebca17fe44f35cfe3ff

Files

b7421ae2829b91a1d4b449621aeaa543e3e7d1fa5d708ebca17fe44f35cfe3ff
.exe windows:4 windows x86 arch:x86

eeb95f6ef6a306b7ea9c9b0f87ba5ff1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord690
ord588
MethCallEngine
ord667
ord595
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
ord600
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord714
ord716
ord681
ord100
ord689

Sections

UPX0
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE