70aa2e2928b39231fe5ec8aa774b45e2ac33dcafea5fb9fbca2f9ccb187abca6 | Triage

Sharing

General

Target

70aa2e2928b39231fe5ec8aa774b45e2ac33dcafea5fb9fbca2f9ccb187abca6
Size

161KB
MD5

1b59f865973a52f33e47b28c8d9ace3b
SHA1

dfd83d8f1abad94f913144c35024a60378998a89
SHA256

70aa2e2928b39231fe5ec8aa774b45e2ac33dcafea5fb9fbca2f9ccb187abca6
SHA512

2588d43a60e5a5d0938cd10334d3a0909f4617348db481b416f93f63e6f7d60540525c9c62d8fdea34c67317f9aa1dce5c2a2938458c1313108b6a6ed8f8f6f1
SSDEEP

3072:fny1tEevwnz7PgUXSAjZIInlxragr/Fgwp:KbEfnwUi8lxmF2

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70aa2e2928b39231fe5ec8aa774b45e2ac33dcafea5fb9fbca2f9ccb187abca6

Files

70aa2e2928b39231fe5ec8aa774b45e2ac33dcafea5fb9fbca2f9ccb187abca6
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE