8b1b33504ac257c5c245d3cfe1b1417a | Triage

Sharing

General

Target

8b1b33504ac257c5c245d3cfe1b1417a
Size

152KB
MD5

8b1b33504ac257c5c245d3cfe1b1417a
SHA1

2e80c75450e9b819286a82046cc9fb539d0bedcb
SHA256

24c1564f9c4251dd978c6bbd44a13132846d32448710effe7d1982ddb310c0a2
SHA512

970d4e9559d0d0744792ba0f1b5af28072afcfeaa8fd4ec98a805a6398bb1bd68d5f9098a34fcbb6dd459f0ded864da84d2db008aaf22e9dcd9b5798e2687fb9
SSDEEP

3072:a/yOelLSYvfVKqaX7swC4Xz/h9wfaWeS/1zVs3INerkpQKNCWrEd:2yOGLxvfVvG7s4Xbh9wflbdzVx15NHra

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b1b33504ac257c5c245d3cfe1b1417a

Files

8b1b33504ac257c5c245d3cfe1b1417a
.exe windows:4 windows x86 arch:x86

f433e7fcc51e68080022754836705744

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_ISOLATION

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
LoadLibraryA
GetProcAddress
ExitProcess
VirtualAlloc
VirtualFree

user32

MessageBoxA

Sections

UPX0
Size: - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

lt82htjg
Size: - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bphfgom5
Size: 146KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

dqeaf4uz
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ