452866485b6a20eb157d7754582c4aebc2377bdb79fcb69bdcd605b78729de43 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

452866485b6a20eb157d7754582c4aebc2377bdb79fcb69bdcd605b78729de43
Size

562KB
MD5

cc28583d9f058fc581c78d4609199bd0
SHA1

a1134d08ac22c031b105d60e780171127277d43f
SHA256

452866485b6a20eb157d7754582c4aebc2377bdb79fcb69bdcd605b78729de43
SHA512

d1c7ab83c949e8c3fa3d6113a33c363286b72797a1aca75ed39cae6d7544d18a8c190ef706c04564b16307bd44230f37282b21f06718bb07fa968c2d417ca654
SSDEEP

12288:3stjgayIDpGzrw/Kz6q0Qqf7YPhkp+VdcLpIC1uDOdKDf9FJ1mAvB:6jg5WpGzrw8iLY5kp+VdcL6coDf9X1

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
452866485b6a20eb157d7754582c4aebc2377bdb79fcb69bdcd605b78729de43

Files

452866485b6a20eb157d7754582c4aebc2377bdb79fcb69bdcd605b78729de43
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 526KB - Virtual size: 528KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ