cf4e6c880593a2099698c21d2315b78424836b7371f30b66971c35a9ada77f06N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

cf4e6c880593a2099698c21d2315b78424836b7371f30b66971c35a9ada77f06N
Size

60KB
MD5

b68fde6719363289353c65a8b3959ec0
SHA1

7db5d7e2f9df5c4ad3a4ab88deb34286619d8973
SHA256

cf4e6c880593a2099698c21d2315b78424836b7371f30b66971c35a9ada77f06
SHA512

afcabcac7c5dafc8edbff1d30abd8d8dd11a0070c7789ed062f464085eb6d4803c92eb7426ab264ed8481bed3f48847a52d9ce93a950a2d57e1a5a6ffac69c6c
SSDEEP

768:r8eRH+MlFh0pDpuJ84WEi+U6sh7iQroCHmyf+RjFBSuB2XpfsPpzSdIqP:r9l+W8xFt6sh7iQroCoRB0u0sPpzS+Q

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cf4e6c880593a2099698c21d2315b78424836b7371f30b66971c35a9ada77f06N

Files

cf4e6c880593a2099698c21d2315b78424836b7371f30b66971c35a9ada77f06N
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE