dbb822c88c618123b56826e42f7967532deda7db6bc21b582d5b0d77dc5a849f | Triage

Sharing

General

Target

dbb822c88c618123b56826e42f7967532deda7db6bc21b582d5b0d77dc5a849f
Size

110KB
MD5

b269b8d4dbda4b60cc50171cbaaee27b
SHA1

6dc869181fcbeee60a4953ae0f2f6a0291fc1d07
SHA256

dbb822c88c618123b56826e42f7967532deda7db6bc21b582d5b0d77dc5a849f
SHA512

e9304a4156c2fc43bfb07d74a7634f0f331c60350dcff8c6d0a281ff5af142a659a6cc1b0a704e5452d85f3a3ff16a05cae4a4d798469ea7fb92be2f0e92fd64
SSDEEP

1536:WUDofByDJWbMGcEJSmMR2EBKOJUsy1+VMAZ:7ofBHbKOg2OPvMA

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dbb822c88c618123b56826e42f7967532deda7db6bc21b582d5b0d77dc5a849f

Files

dbb822c88c618123b56826e42f7967532deda7db6bc21b582d5b0d77dc5a849f
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 60KB - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 18KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE