d41f7d1d48ec43ee5dfce172eb46481a1bbe9b0e41d8a6c519f6ef34a4b39214 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d41f7d1d48ec43ee5dfce172eb46481a1bbe9b0e41d8a6c519f6ef34a4b39214
Size

3.8MB
MD5

2428fb66b7662d9829929f0a377df09e
SHA1

cfdf7e5af38473f12eb32135a829536d82f095b9
SHA256

d41f7d1d48ec43ee5dfce172eb46481a1bbe9b0e41d8a6c519f6ef34a4b39214
SHA512

d4403b1a71082e2fa86b0fb1fa972863879ca768a8749b75d5f179978b2454b6ceaf36696234f0a5ad6444008cd572f35946ff0cc52e2a7e2bef154b93165496
SSDEEP

49152:uN8a8QRa1UI1G+Cq99LyHHI+t6O8N+ailEy6dmpzeioK2enVzG1nkyTRJg:B1UI1n0oAaldmdmnpTRa

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d41f7d1d48ec43ee5dfce172eb46481a1bbe9b0e41d8a6c519f6ef34a4b39214

Files

d41f7d1d48ec43ee5dfce172eb46481a1bbe9b0e41d8a6c519f6ef34a4b39214
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 37KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE