fe2a46d66443a6d8f76441e2fba02c0d183a4d0c1f95f92603f9721dfd162915 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fe2a46d66443a6d8f76441e2fba02c0d183a4d0c1f95f92603f9721dfd162915
Size

386KB
MD5

7944f5e71b700793640e277362eeb830
SHA1

5bc84c4f02d5d5804b243c325f227ef02d78196d
SHA256

fe2a46d66443a6d8f76441e2fba02c0d183a4d0c1f95f92603f9721dfd162915
SHA512

32e2f408fce873c8594594f40ff3106ed07f8112e69a11d2afc75305a7e288a0c0f6374357672fe9886de99d2ed637ff34c2025766fa439019fbdf5f3ec1bdfb
SSDEEP

6144:quIlWqB+ihabs7Ch9KwyF5LeLodp2D1Mmakda0qLN1XGGJ9Y/0r3JJGGrA:B6Wq4aaE6KwyF5L0Y2D1PqLTY/0DnQ

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
static1/unpack001/out.upx	autoit_exe

Files

fe2a46d66443a6d8f76441e2fba02c0d183a4d0c1f95f92603f9721dfd162915
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 560KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 264KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 117KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 514KB - Virtual size: 513KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ