9cb9b57a13eb9dd4a94b086b8f9c8f4cd04826cd45eb0697d3f32a45384ec29dN | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9cb9b57a13eb9dd4a94b086b8f9c8f4cd04826cd45eb0697d3f32a45384ec29dN
Size

54KB
MD5

c96213721e3d82be8d129c5b5ced5d30
SHA1

b937c3bdf558962bc3021fde4e2189bc5220c679
SHA256

9cb9b57a13eb9dd4a94b086b8f9c8f4cd04826cd45eb0697d3f32a45384ec29d
SHA512

fc42a6ed8fa22801b5c88a49b25263df30f0d2473a8e06d34f76474f09415c21de20e28c10293f2d7082f51e9e6b2a8015e61ce20e61058cc4ea3c66983f4732
SSDEEP

768:n8eRH+MlFh0pXrL4i6sh7iQroCHmmbk2ElUvV:n9l+Gi6sh7iQroCLMWV

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9cb9b57a13eb9dd4a94b086b8f9c8f4cd04826cd45eb0697d3f32a45384ec29dN

Files

9cb9b57a13eb9dd4a94b086b8f9c8f4cd04826cd45eb0697d3f32a45384ec29dN
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 20KB - Virtual size: 28KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE