c27d1bc812e2b47f7954a37a6e92e1512fe93ff7ffdc0034d3439892dbe8d3ef | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c27d1bc812e2b47f7954a37a6e92e1512fe93ff7ffdc0034d3439892dbe8d3ef
Size

1.2MB
MD5

7d075497fee36e4ba283fbb69254effe
SHA1

eea23f7b91121f71831c8efc4b3f4f2f4c775f95
SHA256

c27d1bc812e2b47f7954a37a6e92e1512fe93ff7ffdc0034d3439892dbe8d3ef
SHA512

d125f025c1dfc114c943aecbfa6b797cf524c302a3ef804002cfe9c015164cdedc025a0dd3e3fdbcd228e3bcef80f78a5868d95e7562319ec4fc00697f320646
SSDEEP

24576:0qylFH50Dv6RwyeQvt6ot0h9HyrOLiruAX:rylFHUv6ReIt0jSrOk

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c27d1bc812e2b47f7954a37a6e92e1512fe93ff7ffdc0034d3439892dbe8d3ef

Files

c27d1bc812e2b47f7954a37a6e92e1512fe93ff7ffdc0034d3439892dbe8d3ef
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 844KB - Virtual size: 844KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 377KB - Virtual size: 380KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE