dd15c71ce26cd60af3ee475abc7e639bc8955ca5df106a5ed19452cea346f372 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

dd15c71ce26cd60af3ee475abc7e639bc8955ca5df106a5ed19452cea346f372
Size

1.3MB
MD5

596ee4b3e2057ef8aa48d1b8705cfdb7
SHA1

a7ac2d08df947f459fb2048eae1da62424417156
SHA256

dd15c71ce26cd60af3ee475abc7e639bc8955ca5df106a5ed19452cea346f372
SHA512

c3c6b55beaa4eea4954822ec038cf27aa1e9a322747aea55c1698efbfab64618f38c0debcc4abfdb0f41ac0d62ded5069cb48792db0f044ee5a291231583e7d3
SSDEEP

384:FBt7Br5xjL2Kd5AsAoh6n5eaOlIBXDaU7CPKK0TIh6SjeYDTcYDTkZW8b8c:V7Blpf/FAK65euBT37CPKK0SjeQc

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dd15c71ce26cd60af3ee475abc7e639bc8955ca5df106a5ed19452cea346f372

Files

dd15c71ce26cd60af3ee475abc7e639bc8955ca5df106a5ed19452cea346f372
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE