b809980a4d1c1332ebe42fde640b491ce28d3ca13e4d19322173849530cda055N | Triage

Sharing

General

Target

b809980a4d1c1332ebe42fde640b491ce28d3ca13e4d19322173849530cda055N
Size

89KB
MD5

c15e36b599f9ebc06fb6acbad75f9660
SHA1

eadbe3c2b58dfd39edc7764ceb18131210d97267
SHA256

b809980a4d1c1332ebe42fde640b491ce28d3ca13e4d19322173849530cda055
SHA512

da64d4ea7370397ae53ef7aeeaa1976a7d2b3baae959fb51669bf54c208fd7fd2eec9290eea76f26ee592d328031b186c4f62c68ae6f35fe90645a25c6d4d062
SSDEEP

1536:11+mFM2HXKZgixhIksu+XM5/HtAQ9Jox7e:H+4MJIkLZJNAQ9Jo9e

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b809980a4d1c1332ebe42fde640b491ce28d3ca13e4d19322173849530cda055N

Files

b809980a4d1c1332ebe42fde640b491ce28d3ca13e4d19322173849530cda055N
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE