3b6e9460507b214d04bea9ac74d65f0d_JC[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3b6e9460507b214d04bea9ac74d65f0d_JC.exe
Size

83KB
MD5

3b6e9460507b214d04bea9ac74d65f0d
SHA1

f4b6329f06d9c89a22d04606452286608180aa57
SHA256

e4f6c94e70ecdfd8b97af6efdae1e1d141948b834f2b5340c64ae6bda66e47e3
SHA512

fe47620421a3f231ae2bd80dbf9ffd9098be11db158726f8cbdc4877799be56ef222b74d5b15b63cfc4aa4b5cbfe5a7ec05e6441e91ede27bc7eb1fe52eaf962
SSDEEP

768:G1NK2cNW0QbRsWjcd+6yBFLqJ4Z8qx70RM8/O/B2ZR1RGn8NIoGLLRNeoo:GFcNjQlsWjcd+xzl7SM+Gn8255Neoo

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b6e9460507b214d04bea9ac74d65f0d_JC.exe

Files

3b6e9460507b214d04bea9ac74d65f0d_JC.exe
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 51KB - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE