3472098682043dacd25360ae98f17b91354236e725e9fb9fda45e2fddf522310 | Triage

Sharing

General

Target

3472098682043dacd25360ae98f17b91354236e725e9fb9fda45e2fddf522310
Size

170KB
MD5

0774fabb6c97502db7bcab1fc5928b60
SHA1

a31461b71dc334fc0872f0e6be67b70017d3745c
SHA256

3472098682043dacd25360ae98f17b91354236e725e9fb9fda45e2fddf522310
SHA512

cc4614d1175f7d3d2d4aeee44ca91bd4f80dc1c7fa0bbc0b07d5ed8ae02f7109599622a0edcee85b680e84c8a85aab6c37cf8effc35a626b912d25e03f87531d
SSDEEP

1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8asUsJOLKc/Q4AljFEwOxW3o/v7V+X:fnyiQSohsUsUKh4AljKwOgob4

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3472098682043dacd25360ae98f17b91354236e725e9fb9fda45e2fddf522310

Files

3472098682043dacd25360ae98f17b91354236e725e9fb9fda45e2fddf522310
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE