df0b86869c2a2257fb0e4e30efe383b64f50b09c65524d330de9eb77e292da81 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

df0b86869c2a2257fb0e4e30efe383b64f50b09c65524d330de9eb77e292da81
Size

3.1MB
MD5

ed11de4259ced47cc2d1ce0f3bb3a639
SHA1

5eb61ecd133231c9acb36ae5799ed9a438e0c32a
SHA256

df0b86869c2a2257fb0e4e30efe383b64f50b09c65524d330de9eb77e292da81
SHA512

d81a14df5fce4123d3c780e162e37570f018bbc26b196ea82898c7fa4f9a33cde1f7cf5179164fcd725c2075af2e078e092b1bbed563405713250b876b1c5a41
SSDEEP

49152:Kjd8Flj+39LUAfx3Y2xYd3Y2xe0wVOIVwd3Y2xgd3Y2xiIFXBAk:Dt+3aA+IFX

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df0b86869c2a2257fb0e4e30efe383b64f50b09c65524d330de9eb77e292da81

Files

df0b86869c2a2257fb0e4e30efe383b64f50b09c65524d330de9eb77e292da81
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 544KB - Virtual size: 548KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 40KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE