3d6c36a232df15116e3530ad23f8eb85fc308f03983935481e0ae9d2b17d7b21 | Triage

Sharing

General

Target

3d6c36a232df15116e3530ad23f8eb85fc308f03983935481e0ae9d2b17d7b21
Size

165KB
MD5

1bb598ac92f0ee14af098ecd5d8f9443
SHA1

3bafc685edc12a81ef0eb8eeb0f753a18d8588aa
SHA256

3d6c36a232df15116e3530ad23f8eb85fc308f03983935481e0ae9d2b17d7b21
SHA512

8f12feb78aa7f2bf49faf159614d8e06bf058b3f8586032325a08c2a332d2a34930f50098cc084e06c585390f0cd839519852b46805457ea6e67be06d4191fee
SSDEEP

3072:fnyW+LG/KZGMlWHIjN3tj6qnv0b2UrXkbvL2:KW4GMCIjNDv0bNXkbvL2

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d6c36a232df15116e3530ad23f8eb85fc308f03983935481e0ae9d2b17d7b21

Files

3d6c36a232df15116e3530ad23f8eb85fc308f03983935481e0ae9d2b17d7b21
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE