7ba5079410290564629f230f78abe61f818c4146035e54e23526238c0b8f329e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7ba5079410290564629f230f78abe61f818c4146035e54e23526238c0b8f329e
Size

146KB
MD5

8b0fdcba8fce03c5bab20efa104973d4
SHA1

11d323a233a849ebe8bce5dbaea94a4298fa1f35
SHA256

7ba5079410290564629f230f78abe61f818c4146035e54e23526238c0b8f329e
SHA512

adf7de785f0a10b72877174227cd7666dc70f2cfd59bc74845dccb69c9b99d41d69e6292991aba0345234232e3bc315ae69c6da368b9709187c8be23b12ab717
SSDEEP

3072:dvs4dDXEGCLElJ1Tj4mYWR/RLxQfHw75/nQ62SlPv:NPDLCLqIo5RLxpZn33v

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ba5079410290564629f230f78abe61f818c4146035e54e23526238c0b8f329e

Files

7ba5079410290564629f230f78abe61f818c4146035e54e23526238c0b8f329e
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bvxzt
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yno
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vzkj
Size: 512B - Virtual size: 4KB

.lygia
Size: 512B - Virtual size: 4KB

.o
Size: 512B - Virtual size: 4KB