d3d83401fbd3b1eeefaf46caf3a3798eae60e9debb52581bc26d8a3dc5068d87 | Triage

Sharing

General

Target

d3d83401fbd3b1eeefaf46caf3a3798eae60e9debb52581bc26d8a3dc5068d87
Size

612KB
MD5

416b1c5c5756c5379bbac6ac54bcda0d
SHA1

1d1d180143bdee134e31b71a69f1927f5f1e8774
SHA256

d3d83401fbd3b1eeefaf46caf3a3798eae60e9debb52581bc26d8a3dc5068d87
SHA512

8c036b436aa0860d0279de9f244a46c393456854961a0be4dca9ec53cad493efbe9be9b99af199e5eaf4437c33d0178f058100d96866ca5c8bb0baa25819890f
SSDEEP

12288:PBAsu/1OsCzbT7YebtN2rMFpouF0/DD0:YMzEgNPFpoz/0

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d3d83401fbd3b1eeefaf46caf3a3798eae60e9debb52581bc26d8a3dc5068d87

Files

d3d83401fbd3b1eeefaf46caf3a3798eae60e9debb52581bc26d8a3dc5068d87
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

?EngineProc@@YGJHIJ@Z
?pro_cess1@@YAHHHHPAD@Z
?pro_cess2@@YAHXZ
?pro_cess3@@YAHH@Z
?pro_cess5@@YAHH@Z

Sections

UPX0
Size: 372KB - Virtual size: 1.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 156KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE