8676c0630339cf8050604cbad80e130cd7e40f602a8a25a9abf6c77442e75e00 | Triage

Sharing

General

Target

8676c0630339cf8050604cbad80e130cd7e40f602a8a25a9abf6c77442e75e00
Size

137KB
MD5

e112b3e759549eba794ded5b94482dfe
SHA1

1e6b7d37bd43ab56cfde9c7420c56b71c57e39d1
SHA256

8676c0630339cf8050604cbad80e130cd7e40f602a8a25a9abf6c77442e75e00
SHA512

961c6ecc5a329e02de1b3b8eafb147ab9a726dcf03cc589b17e8daf852197a7b82f97bb314954b48eadf9f106993af7fc1c52faba6fa604e3e3af56d477cbd87
SSDEEP

3072:dvs4dDXEGCLElJ1Tj4mYWR/R4nkPR/1aVr1G2J0YvXQtSmDCT:NPDLCLqIo5R4nM/4hDSYXQt/CT

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8676c0630339cf8050604cbad80e130cd7e40f602a8a25a9abf6c77442e75e00

Files

8676c0630339cf8050604cbad80e130cd7e40f602a8a25a9abf6c77442e75e00
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bvxzt
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yno
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vzkj
Size: 512B - Virtual size: 4KB

.lygia
Size: 512B - Virtual size: 4KB

.o
Size: 512B - Virtual size: 4KB