12345[.]exe | Triage

Sharing

General

Target

12345.exe
Size

4.0MB
MD5

71a463a7c5a39b3066baf48652462969
SHA1

c19b2ae85f4f00349327fb404190854704beec55
SHA256

2083442c39a5b18594ea406d3dcb6178245ab8ac17fc781ae3c97d7f4600edc1
SHA512

764471f66d7c6442ed2323288e29f202c72649c05f4a1ebc67cb9ddc745ce6f5beafc3aa97dce063c06f1d0a387d35b695bfbcac0d2bbcc982e1364b5cd5d1ca
SSDEEP

98304:c/kjmnX6ng9oZiusL1osQf0AF03JbEiSuGqdeR:c/Qmnqg9oJ21AfjS51hZ

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx

Files

12345.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 9.7MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE