8b659f68b31774f3c7f94cd930a1fa63 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8b659f68b31774f3c7f94cd930a1fa63
Size

4.1MB
MD5

8b659f68b31774f3c7f94cd930a1fa63
SHA1

449538abaefd302aedc76e51b0bb23405d626fe3
SHA256

35e5cc4a4b140120e5a23adfe444393885e09c86d4aed8e30ba8a085cb56dbc8
SHA512

afc30bebf14cc008852bc2c35a988b106ea555933ec27f4c7e68e53aa2f0a7c6722ca39be71a95bf3058f13ab5f358eca255bee36c51e4c9052c1c4cf0df37d4
SSDEEP

98304:y5Oj4GGW43xKIEjwC+u8MGJf9akmQqJqq5Hcg:oO4BKIQ6NMea9/L

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8b659f68b31774f3c7f94cd930a1fa63

Files

8b659f68b31774f3c7f94cd930a1fa63
.exe windows:7 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 456KB - Virtual size: 456KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 964KB - Virtual size: 964KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ