cf4eb180c351def73da997c43f0fdf80N | Triage

Sharing

General

Target

cf4eb180c351def73da997c43f0fdf80N
Size

162KB
MD5

cf4eb180c351def73da997c43f0fdf80
SHA1

b6601b2751ca09b62360c7d1f5125aebbd0d5ee2
SHA256

021076a5aa3ebe12260e40ef36a415543d1ee2ae8e7d21a73738776071ee9977
SHA512

3800520868c38f9adcbb51149cd0781f4afe8e2efee95d6497197d3fc113fb37bd40f33d87672d6c0b3d287fcc5f706d1fc61635919d4e0f5c7f9557bbad55de
SSDEEP

3072:fny1tEevXBqWHIjN3tj6qnv0b2UrXkbvLy:KbE0BNIjNDv0bNXkbvLy

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf4eb180c351def73da997c43f0fdf80N

Files

cf4eb180c351def73da997c43f0fdf80N
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE