293406834c38cf3f6c4e944a3976b0eb88e514c43470fcacb1d9e60358f2ffcdN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

293406834c38cf3f6c4e944a3976b0eb88e514c43470fcacb1d9e60358f2ffcdN
Size

29KB
MD5

2e7d625e419c24dd4d05ff225128a4b0
SHA1

eb4bc3d6582c01a0f6444c11c1c58b1011087ad5
SHA256

293406834c38cf3f6c4e944a3976b0eb88e514c43470fcacb1d9e60358f2ffcd
SHA512

5ce4881438943282d7ed35bbd26814d20c02b99537bcaaa0d900d3d2a147c6e83eb877bf3e579e6e59e93964e2404faa466341b37edac42e62d0527f7d33c1b0
SSDEEP

768:AEwHupU99d2JE0jNJJ83+8zzqgTdVY9/pAf:AEwVs+0jNDY1qi/qhQ

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
293406834c38cf3f6c4e944a3976b0eb88e514c43470fcacb1d9e60358f2ffcdN

Files

293406834c38cf3f6c4e944a3976b0eb88e514c43470fcacb1d9e60358f2ffcdN
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 511B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE