E863D1DCD9CAA7A9ACBAFEDAED53973D2B98C338C54697D5BA9B10E7123D4C25 | Triage

Sharing

General

Target

E863D1DCD9CAA7A9ACBAFEDAED53973D2B98C338C54697D5BA9B10E7123D4C25
Size

4.0MB
MD5

49db7cc798fa58c6b0d5288310ec5014
SHA1

811371f570d089bd0929b85a270a4f331e4dd75d
SHA256

e863d1dcd9caa7a9acbafedaed53973d2b98c338c54697d5ba9b10e7123d4c25
SHA512

bbba6b6eb3aefc806e55c6d5fec3cf1fe40755b0a2948f3ade369d18ee52f999b8f7397d047972b09d9504a18cc287d4d1dd92570acec83c51d3a885f5033c52
SSDEEP

98304:i+v3I3KFvjoO1tPxRbovDEGAAMG0ERVAETcZ1OY:iQICjoMRxy1AAbFZI

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

E863D1DCD9CAA7A9ACBAFEDAED53973D2B98C338C54697D5BA9B10E7123D4C25
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 9.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE