b9b75fcb9f16762fecd2b638932f611e[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b9b75fcb9f16762fecd2b638932f611e.exe
Size

155KB
MD5

b9b75fcb9f16762fecd2b638932f611e
SHA1

32c2d8fc136aa62ac5533f0c7f697c04e7c01c4e
SHA256

0de294247d0bb2af767a4ef4cc11f44c7bf3b053ff4e79d8ed2faf0b881a5fbe
SHA512

c8fae126582d4a7c4401f1786a973033b550e0395542664d2ae8a1b3eb144dba5ed8aa4824c0772bd6eecf3fe6b1c9486b6cea5e6b210e382df8d2d5fd10a6f9
SSDEEP

3072:6jbLl/gvQoutX1Tj4mYWR/R4nkPR/1aVuyJCPvAhTxIBBOo2Wqiu7XSbRlfjE:6jluQoSFIo5R4nM/40yJuAMBRaimXMlE

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b9b75fcb9f16762fecd2b638932f611e.exe

Files

b9b75fcb9f16762fecd2b638932f611e.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.btnj
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.s
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gduz
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gih
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fbe
Size: 512B - Virtual size: 4KB

.pbws
Size: 512B - Virtual size: 4KB

.asji
Size: 512B - Virtual size: 4KB