c2a7b9e16ab041dc036a525b78782050N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c2a7b9e16ab041dc036a525b78782050N
Size

1.8MB
MD5

c2a7b9e16ab041dc036a525b78782050
SHA1

664dcaee90e2206eb521de403a92cb1dd813e1a6
SHA256

3c9fa8ae0ea14e00997c5a1f5f9d75667695afc0b061b631abeaf1b34e3c08ea
SHA512

c7f0adfaa05ac8ca0721c028982a392c4aed2e46ff9e0dbebf22d0942446bc1e2af211599bb70e2ae0cef5914c0e300724b1c3eada641f74ab51ba518160301c
SSDEEP

12288:BHTVhI8jdG+sV1p0x/k9fkQ3KypwkBPKxY9XZdFh29DNDupLdXUoWxOT8oSI:tV35QOk3KWNo34nOOTt

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2a7b9e16ab041dc036a525b78782050N

Files

c2a7b9e16ab041dc036a525b78782050N
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 302KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE