cf2836c839d6a28a202eb5fd0adce500N | Triage

Sharing

General

Target

cf2836c839d6a28a202eb5fd0adce500N
Size

788KB
MD5

cf2836c839d6a28a202eb5fd0adce500
SHA1

d0d5135e91eeafc87c08551aa469c68b1018c0e0
SHA256

ea32e09b65db747fe54d8d07dee16a03c04f5500519dea4e055f11218e99f3c3
SHA512

b7c5401e99e1c68bcd2538b66909c710bcc477f364681f9a82877b7e08e625a7aea08739a2a9ba87ad21c56b5391c88bbd188b01ccb73b1659e7d285fb4c71fb
SSDEEP

12288:7tKe6Zv23YLVFhBsC8iFHs+hsuQXIQVRpVnl3Bg5oiNvSNp0f2QkutzV:v6Zv2ivhBVnFvh5Q44+iiEb0f2Q5tzV

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf2836c839d6a28a202eb5fd0adce500N

Files

cf2836c839d6a28a202eb5fd0adce500N
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE