0b2e79752247090f2f4aa9c8d8616371 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0b2e79752247090f2f4aa9c8d8616371
Size

213KB
MD5

0b2e79752247090f2f4aa9c8d8616371
SHA1

888b815fa21167d794694ce13d29c1617d98ca66
SHA256

68df165e21be3c4f62f89d7b80a84bf6ad6679c1ce4ffbbd471fae0781ae4d21
SHA512

cc0650c6470bd349706da5ddad015d9bb894219b891a72fdc952bb36292260353ad31f8f09a9e15dd87fd377a9b3e18e5dbf778898b05fdf9cf999e33692a3cb
SSDEEP

3072:LJacj8v7wQ+ZGx7w8wjjP8I1IU8RjrzzvUWAOZjfKdL1YP:LJPgv7wJZ87wBjYI1IUwrIOZySP

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0b2e79752247090f2f4aa9c8d8616371

Files

0b2e79752247090f2f4aa9c8d8616371
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 416KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qsdyg
Size: 512B - Virtual size: 4KB