28AA7376A0FAAF6BC069D5A6B112BBDB4D5E580F9C8D075DF7811F444B97D8F5 | Triage

Sharing

General

Target

28AA7376A0FAAF6BC069D5A6B112BBDB4D5E580F9C8D075DF7811F444B97D8F5
Size

4.0MB
MD5

36ad65689efdd1cbc9bfbb0741e0bf0c
SHA1

a67710c5e20f34a8d3f222168991ad68d1e9c63e
SHA256

28aa7376a0faaf6bc069d5a6b112bbdb4d5e580f9c8d075df7811f444b97d8f5
SHA512

4323fe32be08dbab6b9ba981a1e3ca8a7d97ffe90f0b5ea72f78350868fe103570c960753e035927758e72bba7cee712997193d198dbfd04ef6ba374acd5fe0d
SSDEEP

98304:upQ5OqPhxYIAxEJGilGkogOLMUNKeaTKhKiYXGPg:ue5FPhz3JVGKOAYuTy3Yag

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

28AA7376A0FAAF6BC069D5A6B112BBDB4D5E580F9C8D075DF7811F444B97D8F5
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 9.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE