f97356e0ce81539bb21cb00c61a7d44924780b07c6afc8c29ef35966ead1d840N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f97356e0ce81539bb21cb00c61a7d44924780b07c6afc8c29ef35966ead1d840N
Size

1.8MB
MD5

1bb8b2ce6fbb97766cb488550dbdd740
SHA1

d9cd8d894c5b6c4c566f6e2f1fbd8f171dd23d60
SHA256

f97356e0ce81539bb21cb00c61a7d44924780b07c6afc8c29ef35966ead1d840
SHA512

5da58acfa036d56f16eac69a2bc365b3ba384ed5bfe2e6bf64de99b75b85f864f62276df1d2a2e3ca59b0e1885c265debb0899a86ce66892991207e98ebd0b95
SSDEEP

12288:BHTVhI8jdG+sV1p0x/k9fkQ3KypwkBPKxY9XZdFh29DNDupLdXUoWxOT8oSW:tV35QOk3KWNo34nOOTb

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f97356e0ce81539bb21cb00c61a7d44924780b07c6afc8c29ef35966ead1d840N

Files

f97356e0ce81539bb21cb00c61a7d44924780b07c6afc8c29ef35966ead1d840N
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 302KB - Virtual size: 304KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE