01d7bed248236d6e6b2753f567fb9ff10532e7966d10a587486f9d88ef83b187 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01d7bed248236d6e6b2753f567fb9ff10532e7966d10a587486f9d88ef83b187
Size

160KB
MD5

bd8150ca6b36e70b8be1a55af5f376f9
SHA1

da20aef5f7fa90ab982c4d3aee0e4ccc7035ba2b
SHA256

01d7bed248236d6e6b2753f567fb9ff10532e7966d10a587486f9d88ef83b187
SHA512

e1330f7ff33b97f283c9d7f63c48b9ce2b69549a9a50648fb83bdb707b409c55a8175975ff4cc6c3a58a9d1d230cedc2be69aa479fdf93a58dead304ee12bb98
SSDEEP

1536:a7ZyqaFAxTWbJJ7TUTW7JJ7T/Nf4EhNwNFkNXNFpiFu9Fy2XNgNFVNVNFomFaMFj:enay2fLNf4W+0JO2XKFbd0O

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01d7bed248236d6e6b2753f567fb9ff10532e7966d10a587486f9d88ef83b187

Files

01d7bed248236d6e6b2753f567fb9ff10532e7966d10a587486f9d88ef83b187
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE