ea6ef28b5078a6232208a640c37f663904c1888f606a4713df6625d5aeaf8414 | Triage

Sharing

General

Target

ea6ef28b5078a6232208a640c37f663904c1888f606a4713df6625d5aeaf8414
Size

48KB
MD5

9fbd497d87e23606e5c71589a4279469
SHA1

4ca0e697fa2497ee2fc4da005f42b8bfc519ecaa
SHA256

ea6ef28b5078a6232208a640c37f663904c1888f606a4713df6625d5aeaf8414
SHA512

d3995bf0be630d37b41425e32498a39a7a02fd285b2df31e15d8abb2a4a9da8dd7f75cde550d8d047b3e5c9f67122f42d1fa169e48f82852a27f222b9ae5208a
SSDEEP

768:V7Blpf/FAK65euBT37CPKKQSjyJJ1EXBwzEXBwdcMcI9U7:V7Zf/FAxTWoJJ7Tw

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea6ef28b5078a6232208a640c37f663904c1888f606a4713df6625d5aeaf8414

Files

ea6ef28b5078a6232208a640c37f663904c1888f606a4713df6625d5aeaf8414
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE