8fe7af4b279e32ab930aaaa17975f46e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8fe7af4b279e32ab930aaaa17975f46e
Size

53KB
MD5

8fe7af4b279e32ab930aaaa17975f46e
SHA1

46a9752098294bfe171fefeefd815012bcc26589
SHA256

3bc1c596cc599a8efb44796164d93a596f6b7d8c05e6f7c5bdefe7ac54b2057c
SHA512

bf90c509d16b7647b852cd9ff690259398c4e12a0f803213509d8acb71c69a42266962d04a9116919a83f2cd1d7cf57ce9b3a1b03717783a02888f7ba0bfcdc9
SSDEEP

768:Dl0TPAd2uAGEnsTTvyH70u+SbmPrUjAizjOKP3T+E48EJaJ4EyEnlgDdQEJx5rxx:nd2u1PHxu+JPrmAi+Kbj3J4EnlgzL5b

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8fe7af4b279e32ab930aaaa17975f46e

Files

8fe7af4b279e32ab930aaaa17975f46e
.exe windows:1 windows x86 arch:x86

fc1e39870f241f86419910152483c9e7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndDialog

comctl32

ImageList_Add

gdi32

GdiFlush

advapi32

AccessCheck

msvcrt

printf

Sections

UPX0
Size: - Virtual size: 524KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE