bb6f37a2a5f44c767880533fa8e8e89c48a42f896c6b5376ad40255fc76b3091 | Triage

Sharing

General

Target

bb6f37a2a5f44c767880533fa8e8e89c48a42f896c6b5376ad40255fc76b3091
Size

4.3MB
MD5

5ddf2ef922dfe7d69aefa490e458564f
SHA1

26365c2ed4f0ebe3a0e6122a46d7a7cbbd36a2d2
SHA256

bb6f37a2a5f44c767880533fa8e8e89c48a42f896c6b5376ad40255fc76b3091
SHA512

d93ae35c709e4865c29317445aa585d7b39ba4d364e130ea71a89ef3003566c5654b1b81ac02616e429d54dcaad4e1086fc49392d4e051b0ae8895fe47940bfa
SSDEEP

98304:qU515rkS6qpXvnNuHcaHI8igVkwta7ic5reb1pj+FNSTdb:qU51Voq/uHDHZntCR54+Fgb

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bb6f37a2a5f44c767880533fa8e8e89c48a42f896c6b5376ad40255fc76b3091

Files

bb6f37a2a5f44c767880533fa8e8e89c48a42f896c6b5376ad40255fc76b3091
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 10.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE