cd6b15d1852e891a14b02eb4d4cffc1a1bd24d98b05b1824308bdc8655776c20N | Triage

Sharing

General

Target

cd6b15d1852e891a14b02eb4d4cffc1a1bd24d98b05b1824308bdc8655776c20N
Size

112KB
MD5

3e64ea325936f027544cf9523b9134d0
SHA1

5ece62e7aebf45c38345271cacd0f43fb79e8bb6
SHA256

cd6b15d1852e891a14b02eb4d4cffc1a1bd24d98b05b1824308bdc8655776c20
SHA512

0c02fe192adc9675e29c8780340faa145b0af77436707bc826768922ff75546fe4200f3696ec2da74217bf7488b700563aec8a419a8364be8e9675b900a041d8
SSDEEP

768:TKEBUUC151Npquv3Rn4KE7pRnbcuyD7UYE:moU5bLpXRxMnouy8D

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
cd6b15d1852e891a14b02eb4d4cffc1a1bd24d98b05b1824308bdc8655776c20N

Files

cd6b15d1852e891a14b02eb4d4cffc1a1bd24d98b05b1824308bdc8655776c20N
.exe windows:4 windows x86 arch:x86

3dcbc7d0ae83594aee771cb6c6621c0f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

msvbvm60

ord696
ord697
MethCallEngine
ord518
ord667
ord593
ord594
ord632
ord525
EVENT_SINK_AddRef
ord529
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord711
ord712
ord716
ord717
ProcCallEngine
ord537
ord644
ord681
ord100
ord616
ord619

Sections

UPX0
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE