849e2bcbcb67d86a2931d4e7cad0bb53880559e6c119ca32f0decd317dee30b9N | Triage

Sharing

General

Target

849e2bcbcb67d86a2931d4e7cad0bb53880559e6c119ca32f0decd317dee30b9N
Size

53KB
MD5

f6416120a2aa0af8518d3a3c711cecd0
SHA1

11daeb089a0194f4a8613b7346a251f8c2e93960
SHA256

849e2bcbcb67d86a2931d4e7cad0bb53880559e6c119ca32f0decd317dee30b9
SHA512

65aa1c11d17abdd6c4dd067fd05cb4ad32378d9f5d7f1cf2a9cecee25909c74d3fe3cfaf1f207f59356ff489940b2bdaf184459c12883092555d5397bdf8a19a
SSDEEP

768:l/iz5Bnotf4ebWtpDxP3X4GdAk4U+eCXwmKwisBM:lIPnotAUWtpDxfX4GdAk4U+eCzKrsy

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
849e2bcbcb67d86a2931d4e7cad0bb53880559e6c119ca32f0decd317dee30b9N

Files

849e2bcbcb67d86a2931d4e7cad0bb53880559e6c119ca32f0decd317dee30b9N
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 18KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE