d1f0bcd09cea71b01ff7204662bbb7f0N | Triage

Sharing

General

Target

d1f0bcd09cea71b01ff7204662bbb7f0N
Size

49KB
MD5

d1f0bcd09cea71b01ff7204662bbb7f0
SHA1

bd6fe68b0ceb603bc48e43a0b7ce7afdb2bc4fb2
SHA256

bb34f4b26b10640f10e7478a6fbf91f53161635a0f7c01ccf48e081fe0f0f776
SHA512

5c80b2ce401bb907b9e0e41ff8bc7a89fc0023c78e5b9889af17e250b2100cec00caa1b2b79b269d9eff94a9fc692b9d1c43770736347b03e3a11e0d7632fd95
SSDEEP

768:n8eRH+MlFh0pXrL4i6sh7iQroCHmmbk2VZN:n9l+Gi6sh7iQroCLVZN

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d1f0bcd09cea71b01ff7204662bbb7f0N

Files

d1f0bcd09cea71b01ff7204662bbb7f0N
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 20KB - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE