b92d324739eac59ace00a368c344c67e110574fd7d0d9a1cea28cc4720a7916d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b92d324739eac59ace00a368c344c67e110574fd7d0d9a1cea28cc4720a7916d
Size

559KB
MD5

2298962a602ba5cda78276302c839634
SHA1

523ebd6e36d88d6fb68a26575985ce51944b7a81
SHA256

b92d324739eac59ace00a368c344c67e110574fd7d0d9a1cea28cc4720a7916d
SHA512

2d89dba13f7050648e2ac5e485ab84e9aee10d6621d9c7ebad7ce1b2ea3fb290135aac0d5a3c824a1ca1334c4f8ccebc0e998a03f26b850a70bed7077790e94f
SSDEEP

6144:aJV10cTrk/mWVqwvzJR6QLW4/ih5QDyU+FM8cEOkCybEaQRXr9HNdvOaZm:St+aQa4/cQDy06Okx2LIaY

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b92d324739eac59ace00a368c344c67e110574fd7d0d9a1cea28cc4720a7916d

Files

b92d324739eac59ace00a368c344c67e110574fd7d0d9a1cea28cc4720a7916d
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 268KB - Virtual size: 280KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 145KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 133KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE