14975c44bc39a8f3f71f020f05bbb86f910983d0b867ad430ce69c60c15fcbfa | Triage

Sharing

General

Target

14975c44bc39a8f3f71f020f05bbb86f910983d0b867ad430ce69c60c15fcbfa
Size

338KB
MD5

a64a382ef7c765b54b4c0ca0792ace7f
SHA1

9eb885165dea931fabf3ae8f820c8fd74482ea0f
SHA256

14975c44bc39a8f3f71f020f05bbb86f910983d0b867ad430ce69c60c15fcbfa
SHA512

506cc36cad7ffc6ff3cc56f08fa00fa30949f6a2902e7820fc95fd362dd4098173ca82a13a755cc909bef2093c3082fa6b309f7041df628b2d62507340767c02
SSDEEP

3072:uc3sBG7mXh7m/zZM3jAbNOM6CNtDCZFc/:/3sBz0Z4Mj72F

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14975c44bc39a8f3f71f020f05bbb86f910983d0b867ad430ce69c60c15fcbfa

Files

14975c44bc39a8f3f71f020f05bbb86f910983d0b867ad430ce69c60c15fcbfa
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 244KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 90KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE