981e67e04e5604b09abc0ff31b8f3301ae2f09a584b7d404a454d6e252e34cfaN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

981e67e04e5604b09abc0ff31b8f3301ae2f09a584b7d404a454d6e252e34cfaN
Size

1.4MB
MD5

b6022a93cb3a1db5e0c2e4f45332f870
SHA1

3d21d1ff3979f73a97f0572d0564a9d966aa2eb1
SHA256

981e67e04e5604b09abc0ff31b8f3301ae2f09a584b7d404a454d6e252e34cfa
SHA512

1ee3593da362360bd04b6cadcbfdb027944f7e4f7112bbcc9555427d291c3c0f3d8c0fff5434f405001b72a5dca0dfb75087f63309bebe9cd5404e851cc9ad38
SSDEEP

24576:VArW/8hh0FQAq7c8nA7YMv3+DpBNPRI9ovlG4XozaEhptdJfCGzeYVxXNVD8pVVn:Ve0mfW3YNPRRlG4saIprJN2U0

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
981e67e04e5604b09abc0ff31b8f3301ae2f09a584b7d404a454d6e252e34cfaN

Files

981e67e04e5604b09abc0ff31b8f3301ae2f09a584b7d404a454d6e252e34cfaN
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 796KB - Virtual size: 796KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 532KB - Virtual size: 536KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE