3b140f1dc736223a6c47501408712bacae851d486e41a6f5a6cc41e099aef34e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b140f1dc736223a6c47501408712bacae851d486e41a6f5a6cc41e099aef34e
Size

8.8MB
MD5

511ca2c05931a882c0d23c19480035d6
SHA1

d061c5d32a722a0afd967d2bef51afefd1fe8849
SHA256

3b140f1dc736223a6c47501408712bacae851d486e41a6f5a6cc41e099aef34e
SHA512

eb204b51d07008c0e4c8d9905621a4e26b8a6fd898c35d60fcbb2cd7080b5eb4a9ea8288c9e14e4cb8e35f35362024c2a0514f226a2a787e568803e5d794a8cf
SSDEEP

196608:Di0jN4oH5M+ZYVWm38UOY0GjkASU+oM1IuPCLQICw6aiL:Di0Z4oe24WmD0GLeo3kCLQZV

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b140f1dc736223a6c47501408712bacae851d486e41a6f5a6cc41e099aef34e

Files

3b140f1dc736223a6c47501408712bacae851d486e41a6f5a6cc41e099aef34e
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE