254034f468d88d7fe0a3affaa507355d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

254034f468d88d7fe0a3affaa507355d
Size

213KB
MD5

254034f468d88d7fe0a3affaa507355d
SHA1

823c914a62811764e60bf56e01f79ec1d23baa41
SHA256

e46013a4a9d021e1e87aa2671197b3efaa810a209204b9a8eeefd00266199aa0
SHA512

188fed72b70d38acb2b74ab1607e4cb9f70e83062ee7256048d676dbd1f43cd7f206d6f77e644232f733fefa42907277b7d1204d671579e4aafd682d7531b43c
SSDEEP

3072:uJacj8v7wQ+ZGx7w8wjjP8I1IU8RjrzzvUWAOZjfKdLwYP:uJPgv7wJZ87wBjYI1IUwrIOZyvP

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
254034f468d88d7fe0a3affaa507355d

Files

254034f468d88d7fe0a3affaa507355d
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 416KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 184KB - Virtual size: 184KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.advos
Size: 512B - Virtual size: 4KB