cbe5431be97b79cbaf6ef6a2bf6baf60N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cbe5431be97b79cbaf6ef6a2bf6baf60N
Size

172KB
MD5

cbe5431be97b79cbaf6ef6a2bf6baf60
SHA1

e7b4ccd27cb2c29ee20df9279ef6c821c9679a9f
SHA256

16570e7474d943ae5adedefc0ed8e0510233fe2bcf4b3fc3c152dce59b5c0425
SHA512

287edefdbe460eb5f6a49647d688e80e3ba3086f76d8b1d47dc8c7e197092ac170b18ac45c3a149df879bb62699e9858e69dc8b06e5176f7ba98de15491d23a4
SSDEEP

3072:EmVwRKCzG7wIxY6UT+THFLKcRaTOuNfnn4h1UiGe7r0/yTC:EmVnkG7Rx1Ui7F9RuOO48iJH0qe

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cbe5431be97b79cbaf6ef6a2bf6baf60N

Files

cbe5431be97b79cbaf6ef6a2bf6baf60N
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 41KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ