cae8e11e6fc2bdca2c1c09fe51bfc92197aac365235824a743028fb277748494 | Triage

Sharing

General

Target

cae8e11e6fc2bdca2c1c09fe51bfc92197aac365235824a743028fb277748494
Size

280KB
MD5

f211322a9fe90b8690a3bd52fa12debc
SHA1

b4ee56670cf290fceb4a939932e26f2ff219743f
SHA256

cae8e11e6fc2bdca2c1c09fe51bfc92197aac365235824a743028fb277748494
SHA512

80903aaffbb8338021b890fbacefea891f5baf5bdb28361be2fe2bd492a73c89e2fb2dc07a34e293f3ac3a1f5d8bc99d7568d3db858f7e24031ed9b779b9f739
SSDEEP

3072:qgKKloQSrkKgRENEI5apGTwQqVMTW0hiJDeaG1QtMVmgPva4AOVWKKPYHwpuar:PM1Zmg3AOBKPYHwJr

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

cae8e11e6fc2bdca2c1c09fe51bfc92197aac365235824a743028fb277748494
.exe windows x86

9b2ee9e8d9c837208433f1c769c736ca

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvbvm60

ord696
MethCallEngine
ord516
ord628
ord665
ord631
ord632
EVENT_SINK_AddRef
DllFunctionCall
EVENT_SINK_Release
EVENT_SINK_QueryInterface
__vbaExceptHandler
ord713
ord608
ord717
ProcCallEngine
ord644
ord537
ord681
ord100
ord581

Sections

UPX0
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE