da212a7d5f280cb4bfbec563b5d8c938cbac212bb1ceb4021c802e6e4b4bf892 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

da212a7d5f280cb4bfbec563b5d8c938cbac212bb1ceb4021c802e6e4b4bf892
Size

279KB
MD5

88b80db5e9063e366d58b2ba79ce4b89
SHA1

f3287ea8a3fe50a5cf5cdee78257a00c10bc5136
SHA256

da212a7d5f280cb4bfbec563b5d8c938cbac212bb1ceb4021c802e6e4b4bf892
SHA512

64b560d0d6bf40c97101285757237a52bde274436f2c5da1f877afdf9fe298604748a543a9317fbbd53e63f2b9ef74bc5766d0b97a8613872b9255dc98a09f5c
SSDEEP

3072:fnyiQSo7Zf2XqQSo7Zf2X6yKoIWbsHfySkT5GeCyi348oWGRPOzkjId6q8UdrSDy:KiQSoV2aQSoV2CwTC

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da212a7d5f280cb4bfbec563b5d8c938cbac212bb1ceb4021c802e6e4b4bf892

Files

da212a7d5f280cb4bfbec563b5d8c938cbac212bb1ceb4021c802e6e4b4bf892
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE