d4e5013f0cd2371d855d7c0fc9cafe80N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d4e5013f0cd2371d855d7c0fc9cafe80N
Size

11KB
MD5

d4e5013f0cd2371d855d7c0fc9cafe80
SHA1

d0a8308ffe2fe3c0d9dd5c31ee1c1505b1aea7f4
SHA256

168241bcd3c251a985ae51af5a7bf2985a9b27ec4d0f74fda1cbc2bad0492d15
SHA512

d94e1d72fb1102e12c7d4f11f4d984463f9f16591f0daa377331534a7acfa90e7a28970ec015fb614fcb1ed494d2e420a4d98b5c64457be302098661e86c9d85
SSDEEP

192:n6axv5gyrUtZgqA9AIm2cIIa8bDnNI707N8g4HR+7xv/es:6G5geUvgqocvaYrNI70JeuXr

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d4e5013f0cd2371d855d7c0fc9cafe80N

Files

d4e5013f0cd2371d855d7c0fc9cafe80N
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.crkY
Size: 345B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE