2772cf44d495e036bc1794781abcc698474c9c2b65122592a15d3341e8e5c0fe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2772cf44d495e036bc1794781abcc698474c9c2b65122592a15d3341e8e5c0fe
Size

111KB
MD5

f2281afdbccaee551f77237bfa0899ca
SHA1

b581189e46993e82d92bf39c3e34aba24626753f
SHA256

2772cf44d495e036bc1794781abcc698474c9c2b65122592a15d3341e8e5c0fe
SHA512

d225d1d7f8008d7c85736576f5f8f5e8a8aa580be4a904f4c97b5b030587cd0d62562403903cb8f8aed89567d116c6bf74ecd876b2b90f0a8b91ff762354295b
SSDEEP

1536:ELNIW39SaZTbFARlq7jC1OZstZu0TSVEdUJWTWd18f7:ELlbZTZX3BAtTSVEdUJWTWd18f7

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2772cf44d495e036bc1794781abcc698474c9c2b65122592a15d3341e8e5c0fe

Files

2772cf44d495e036bc1794781abcc698474c9c2b65122592a15d3341e8e5c0fe
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE