c2f1653da386e8f198d1785b8431573d228e6eb35e9f3de0d58e338e74b2dd41 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2f1653da386e8f198d1785b8431573d228e6eb35e9f3de0d58e338e74b2dd41
Size

2.6MB
MD5

608a53c9ca8e5ace3068b662e74c0094
SHA1

9fd822698d8aa5729d0faf0601daefdbc1af1654
SHA256

c2f1653da386e8f198d1785b8431573d228e6eb35e9f3de0d58e338e74b2dd41
SHA512

fb2178743c76fb6744805573d47b875074dff0547a0c8d7c83e19a844f15757f650aff011da1d478c16458ec8a6f20903dc88b21dd2e7f4d3b4b29a9cc8500fc
SSDEEP

24576:vJlj3eotsx8NSTKQZQ7tWKN6/fXNqSqIItiTQNnEtyoH+Fgsw2e+JdsPRQ8+5:v/j3eotsxTSpWKN6NEZNEtxH2aouC8M

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2f1653da386e8f198d1785b8431573d228e6eb35e9f3de0d58e338e74b2dd41

Files

c2f1653da386e8f198d1785b8431573d228e6eb35e9f3de0d58e338e74b2dd41
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 1.0MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 338KB - Virtual size: 340KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE