3adfaca0654b69d1b0a20dee8bc212e33dd85efe298c466b4891b3440782e136N | Triage

Sharing

General

Target

3adfaca0654b69d1b0a20dee8bc212e33dd85efe298c466b4891b3440782e136N
Size

135KB
MD5

bcfb7242eff907a5e8aa906b91abff00
SHA1

8a534e5b24be1d775c5185655d7e68a5a40c042e
SHA256

3adfaca0654b69d1b0a20dee8bc212e33dd85efe298c466b4891b3440782e136
SHA512

0ac56019dfc900b9513c7aad21fa039a1b087dbbbc54f94da8df914de8b8f2248eda919d043afca9a8d3ff2d9bfa7aa180a4d1614c581bd4c96d2c3e77dc18f5
SSDEEP

1536:V7Zf/FAxTWoJJ7TfsWysWKOtOcvOCg7WBaMrDOs:fny1jsWysWsmaAh

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3adfaca0654b69d1b0a20dee8bc212e33dd85efe298c466b4891b3440782e136N

Files

3adfaca0654b69d1b0a20dee8bc212e33dd85efe298c466b4891b3440782e136N
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE