ff9d37f8a10a8d765f7ffb85b7ea7830N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ff9d37f8a10a8d765f7ffb85b7ea7830N
Size

89KB
MD5

ff9d37f8a10a8d765f7ffb85b7ea7830
SHA1

931ebb9cd5cc129b4b4aa4bd0f3cbc22399962d8
SHA256

8965c803c229804463f98177cd84f7d380b2de3182c118089c358d2b988d559e
SHA512

d730fc5ef56ae667820f1c2c8fd419efe30e6a7c03d491b17799a593f49b9337ef4457d45d343f9fd2fc3fee5e292a1515a4ba17b4a8bbd18a3bac9cacf5bcde
SSDEEP

1536:CU9YkETRm/CQ7igcuGC58kSlRQrpJUnVPM+j4FCXs:3zwR4f78uGC58k8R+

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ff9d37f8a10a8d765f7ffb85b7ea7830N

Files

ff9d37f8a10a8d765f7ffb85b7ea7830N
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE