336f5dd78e9ef4af1c4e3db2f87e62e0_exe32_JC[.]exe | Triage

Sharing

General

Target

336f5dd78e9ef4af1c4e3db2f87e62e0_exe32_JC.exe
Size

124KB
MD5

336f5dd78e9ef4af1c4e3db2f87e62e0
SHA1

f6bfb880d5300acb9218a1f70b2020a2eb767368
SHA256

a4ac17c5343a0b0ba01ad4961898d36812657d415d6f567db77b5b540dd77aaf
SHA512

040c41d76766778f4f5c127384a38299dcf3ca613a32c7bcabe8be14ff7c35afb5d5e105a94b68a7d3229852426e14f24e742b12b37faa179d33a4c783641ae1
SSDEEP

3072:txjzhZWxivgmhbI/pqqsFUCN3R96vI+5vpgvQoutIq:rXC4vgmhbIxs3NBepuQoSIq

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
336f5dd78e9ef4af1c4e3db2f87e62e0_exe32_JC.exe

Files

336f5dd78e9ef4af1c4e3db2f87e62e0_exe32_JC.exe
.exe windows:4 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

UPX1
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.g
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kxvu
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.psfx
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fpugn
Size: 512B - Virtual size: 4KB