f27e3207558724f17e8c12973a26095370d1e925a63f7e5bd53d43a48990559d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f27e3207558724f17e8c12973a26095370d1e925a63f7e5bd53d43a48990559d
Size

550KB
MD5

34726f18e0ed861928ba277bb65592aa
SHA1

0c42b3a80701b77bf1b78da5881eb3c251dcb9bd
SHA256

f27e3207558724f17e8c12973a26095370d1e925a63f7e5bd53d43a48990559d
SHA512

67843955bb469f7feda1476c3e6a3db3fc1f7cdcbdce961885b4815fe2cbf92a28a3f963f2f61c46913f10b71d7085ebfdf5fe26e7c609370a314cdf8459bb35
SSDEEP

12288:VRhNu2hLTSZ0JNWoL1gv/viVWQvIMkdIZrxRXv1oUua4TrsSx8nrqmAvB:L60LT8KBLav/vSboUXvwa4TrFx2rq

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f27e3207558724f17e8c12973a26095370d1e925a63f7e5bd53d43a48990559d

Files

f27e3207558724f17e8c12973a26095370d1e925a63f7e5bd53d43a48990559d
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 1.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 514KB - Virtual size: 516KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ