c451ef32e67d15e32b8c5c9b6bd139a15bdfaeac708b2d0b55d684c8bf8556c9N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c451ef32e67d15e32b8c5c9b6bd139a15bdfaeac708b2d0b55d684c8bf8556c9N
Size

810KB
MD5

496aebcb5e11b9f14c076e988e18d260
SHA1

b0ec936a76096b7c652c74feca87ef737dfdca63
SHA256

c451ef32e67d15e32b8c5c9b6bd139a15bdfaeac708b2d0b55d684c8bf8556c9
SHA512

df9dfcd43d96e666a90723e98aa0f186d68ad718d0a73bfc8f25126ef01908487cdf8a213516ea038e73fea4a6bca9cbb63b03c3fca3614965f330617043d07c
SSDEEP

12288:kqkb0VUq91R3/WvcyhsdEoT+R9YpqdasDofR5HCP5k4WK7:k/b61H1yhsyoc9ISu5pCP51H

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c451ef32e67d15e32b8c5c9b6bd139a15bdfaeac708b2d0b55d684c8bf8556c9N

Files

c451ef32e67d15e32b8c5c9b6bd139a15bdfaeac708b2d0b55d684c8bf8556c9N
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 114KB - Virtual size: 420KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 688KB - Virtual size: 688KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rsrr
Size: 2KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE