7e3e11d0a6372749ce212f3bd1d6142e | Triage

Sharing

General

Target

7e3e11d0a6372749ce212f3bd1d6142e
Size

8KB
MD5

7e3e11d0a6372749ce212f3bd1d6142e
SHA1

b2a095fcbda5509b9517e9f209e8f590889e0853
SHA256

bb151f7ee4b922d526ee85761fe32cb8b4eaa75b1941cc471590a6c118387834
SHA512

29ca9aa2085167854ce7bff5c9f4eebc81018f988468d04df924f229ecb4b81b35bc10f8c731aa2dc46dfdd39108a3497a0709785ca8be2b8be01440e034f0ea
SSDEEP

96:caQxcU6R/fuprNU9WV4VExHWfb98iap4FrU09ibsxSOcO9gAuN53ZijeNL8XQnYj:D+NNyDVE68HAuoxSOcO+53YPvxt

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7e3e11d0a6372749ce212f3bd1d6142e

Files

7e3e11d0a6372749ce212f3bd1d6142e
.exe windows:1 windows x86 arch:x86

0fe9471fd9c8fbc84d199c00e88f052c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenGroups

kernel32

Beep

user32

BlockInput

gdi32

GetBkColor

ws2_32

htonl

Sections

UPX0
Size: - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE