df053abd068847235d072d00dc8a4b7dd1c09947e559168ed6c6c938c8e3a6d6N | Triage

Resubmissions

01/10/2024, 00:29

241001-atbx8asapm 9

01/10/2024, 00:25

241001-aq3lrswcph 9

Sharing

Copy URL Twitter E-mail

General

Target

df053abd068847235d072d00dc8a4b7dd1c09947e559168ed6c6c938c8e3a6d6N
Size

97KB
MD5

ec291b29534cb274961efe36e77e2820
SHA1

ec17f0c4074dd1ba5b1d3f09030f21527d84fb86
SHA256

df053abd068847235d072d00dc8a4b7dd1c09947e559168ed6c6c938c8e3a6d6
SHA512

29d0003b3180abfb47e2f51a536c473282d8e0317491bc16ed889917e8ff5d2d76a2c253210b5763b7794a8afbc973a904376eeca3ccc66c1ea4ddf34d296f1a
SSDEEP

1536:V7Zf/FAxTWoJJXtPHX7Zf/FAxTWoJJXtP3:fny1bxVny1bt

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
df053abd068847235d072d00dc8a4b7dd1c09947e559168ed6c6c938c8e3a6d6N

Files

df053abd068847235d072d00dc8a4b7dd1c09947e559168ed6c6c938c8e3a6d6N
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE