01397a622428c6e4d586e3ce9b716bce12742c265fdae086f86c89cc3d9d86dcN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

01397a622428c6e4d586e3ce9b716bce12742c265fdae086f86c89cc3d9d86dcN
Size

58KB
MD5

3ca3d453ea6a83c74e47870765aa24b0
SHA1

f89530bfa7b69d1b2c41f96a3353cf8778241d8a
SHA256

01397a622428c6e4d586e3ce9b716bce12742c265fdae086f86c89cc3d9d86dc
SHA512

f0c8662692a4c887154aab3ddb1d3c1d84655cbf9021a289f19aa34d5c6ecbca8a7e8a4476d63aed07128895e2e362a3596281221310f41c2c7e31fb38fa75f1
SSDEEP

768:r8eRH+MlFh0pDpuJ84WEi+U6sh7iQroCHmyf+RjFBSuB2XpfsPpzSdkp:r9l+W8xFt6sh7iQroCoRB0u0sPpzSw

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
01397a622428c6e4d586e3ce9b716bce12742c265fdae086f86c89cc3d9d86dcN

Files

01397a622428c6e4d586e3ce9b716bce12742c265fdae086f86c89cc3d9d86dcN
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE