General
-
Target
f6a9142a288bac4223772918bbd34302b375d9be4ef2456d6bc76a02e867a609
-
Size
245KB
-
MD5
1f0428bfd616180601ce7628ae27cd82
-
SHA1
960662ef9ee0b41b32b03a2db9dfbf80e400dc00
-
SHA256
f6a9142a288bac4223772918bbd34302b375d9be4ef2456d6bc76a02e867a609
-
SHA512
1ee04fae7cceacd7a2148671ec61c681aeb1bf218561923c8c1c1ff263a0c9b5211dfd1a02752d39931c616b93bf08c73a92c6baf2bc7dc734a6f779ef2ebbc9
-
SSDEEP
3072:w19Ny75olpfLcKV2ToutZOcIosPoDztZWk3Kw1ES:w19Nek9LjQoSIfgVD8S
Malware Config
Signatures
-
resource yara_rule sample upx -
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource f6a9142a288bac4223772918bbd34302b375d9be4ef2456d6bc76a02e867a609
Files
-
f6a9142a288bac4223772918bbd34302b375d9be4ef2456d6bc76a02e867a609.exe windows:5 windows x86 arch:x86
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Sections
UPX0 Size: - Virtual size: 268KB
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
UPX1 Size: 50KB - Virtual size: 52KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 169KB - Virtual size: 172KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE