d3440147801e3bc681cababc8cec67f87bb326bd43da0fc415cddf12a4f640f7N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d3440147801e3bc681cababc8cec67f87bb326bd43da0fc415cddf12a4f640f7N
Size

1.3MB
MD5

9f8e42f061e6f38be831a010a7d47c30
SHA1

80b2b675016fbf6b59e364a93635b77402c173ba
SHA256

d3440147801e3bc681cababc8cec67f87bb326bd43da0fc415cddf12a4f640f7
SHA512

6c2ab2d91432b79abb8c646802d42e30bdefae62760c8766d9069eab19b87366b6de81b2ec6dae273de37e893591db97f257e67bf4cb77cea4507bbc0232d076
SSDEEP

3072:fny1c2Jah2n4m4srbr3y2ZeaZYjnkdVv6VwVgu8X5gjvN/g/3/m3LSbom:K+2Jah2dr3y2ZbYLbu8XO/g/3/U2z

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3440147801e3bc681cababc8cec67f87bb326bd43da0fc415cddf12a4f640f7N

Files

d3440147801e3bc681cababc8cec67f87bb326bd43da0fc415cddf12a4f640f7N
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE