66f726b45732656e1ab784059dacbd6e4208e9e21a7f56f59c55b1ea71f8568cN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

66f726b45732656e1ab784059dacbd6e4208e9e21a7f56f59c55b1ea71f8568cN
Size

282KB
MD5

fb159872af4e92c35263536ac161f080
SHA1

c7ec9873f3e1cc8806416b76dec7f76bfc47961c
SHA256

66f726b45732656e1ab784059dacbd6e4208e9e21a7f56f59c55b1ea71f8568c
SHA512

29df6791f7fe07793876479a5adef7d36f87a77a8c24d28ff646bcec23a49e09865e256cdd9e697cf31ed79a5addd0331ac1aca80e95cd348b375f167a738aae
SSDEEP

6144:kzy2vlgyAm+j180wruRQ8EOzou2X5nvoSyf5:kndU1erkltopVvoSyx

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
66f726b45732656e1ab784059dacbd6e4208e9e21a7f56f59c55b1ea71f8568cN

Files

66f726b45732656e1ab784059dacbd6e4208e9e21a7f56f59c55b1ea71f8568cN
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dswlab
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE