6e6b59e3d1445d7461a28c9ae12f320885c8798ff4d20fef3d6fc8fabe73a86a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6e6b59e3d1445d7461a28c9ae12f320885c8798ff4d20fef3d6fc8fabe73a86a
Size

11.1MB
MD5

3d7c26fb73afb0e235ef4bb906a95723
SHA1

3db57f2a5c49937578fe43d58783e1adf92c83b5
SHA256

6e6b59e3d1445d7461a28c9ae12f320885c8798ff4d20fef3d6fc8fabe73a86a
SHA512

66a3c9210e075328990b511554dafa8716793a8b47eab010e58cfdd79c7a46f130de420735b7f813682312645087d9483155cdfdc4077fa06fbe532803a23a2e
SSDEEP

196608:62E/iQfqU7mkWtVb+hHP6ZDhPzhwydlgncvmojtbjSWjOfHN4WHi39Do:TSFH6VoHPwdm7nc/jljZEHTqE

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6e6b59e3d1445d7461a28c9ae12f320885c8798ff4d20fef3d6fc8fabe73a86a

Files

6e6b59e3d1445d7461a28c9ae12f320885c8798ff4d20fef3d6fc8fabe73a86a
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 31.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 11.1MB - Virtual size: 11.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ