yu[.]exe | Triage

Sharing

General

Target

yu.exe
Size

4.0MB
MD5

da70d0aab8cad0887e5e9b5174c9d87d
SHA1

af5096c0b9fd4f4926850c4479c8e0e0eac8c91b
SHA256

6617c1ab08b88711538b600fc4c5cf76098088b436185f5590cdb0e1fc1f6b13
SHA512

c100a08bccfa00dcf93160b6174940db1b6839aafbbaec8caa25c4c0e004c96aebf243552df85b7dff56915401bfcb0ecb9caa9bce2edf0d29a9b52c849ebcc5
SSDEEP

98304:SsFwGLi2ftBJTM3YQl25QrsIFuzsfuzCCsAp0a9Hqt:SeL7tBJSYChrZHfeCCz7

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx

Files

yu.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 9.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE