04714e26b0a1ab0d836be6afb63f5cafc7aaf327da9c9f38cc821c1af19f2cd3 | Triage

Sharing

General

Target

04714e26b0a1ab0d836be6afb63f5cafc7aaf327da9c9f38cc821c1af19f2cd3
Size

4.5MB
MD5

aef099404bd1e80155e604e7a3ee9f04
SHA1

99bffb27acd12667408261cb1ab7afa865791267
SHA256

04714e26b0a1ab0d836be6afb63f5cafc7aaf327da9c9f38cc821c1af19f2cd3
SHA512

22f4968ceaceb22d2326c6bcfedcf0b72693558d57726a2a55e85cb78f1b23b28ba124fd41ec62bb74bf316d925730f6b41470d62690a70c22e9afdb81ea7311
SSDEEP

98304:nyWmcgZrnATVRVjJQ9xP2MDLisY6NvglSVhO+8jEo:nTgZzULcPlPiL6pglSjCAo

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
04714e26b0a1ab0d836be6afb63f5cafc7aaf327da9c9f38cc821c1af19f2cd3

Files

04714e26b0a1ab0d836be6afb63f5cafc7aaf327da9c9f38cc821c1af19f2cd3
.exe windows:6 windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 9.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.5MB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE