8a13827ea95f0e38aa9b755e03351522 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8a13827ea95f0e38aa9b755e03351522
Size

3.2MB
MD5

8a13827ea95f0e38aa9b755e03351522
SHA1

7b037b3fcb98340cc32cfae515ab6c358b47de7c
SHA256

d9f280cab065ac306ea28eb12ea5d36bb2864413fc944d06f5d0be92e827939f
SHA512

7840b1baffdfa740350d12ec3440ad26e5576204b71807e8cb37f4310d6b62dc74d01f668c091b6328448acb47bad4052501d981445e7b9961854fa8f971a8df
SSDEEP

24576:JmeJ+qzGG1nTw2MORkh504xC1/dkYmkpHRE1O7paq+RQJbdlM/OWF68Xz1xODapw:J0wjnJMOWh50kC1/dVFd7o0+7OC6

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a13827ea95f0e38aa9b755e03351522

Files

8a13827ea95f0e38aa9b755e03351522
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 1.3MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 525KB - Virtual size: 528KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE