8cf8f8abf5d2259a0046be254b20570abf0a82462a3efee0e86f7b7b3dc63c51 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8cf8f8abf5d2259a0046be254b20570abf0a82462a3efee0e86f7b7b3dc63c51
Size

834KB
MD5

f9dfca7b3e3292b5fa9b95d79c441dd0
SHA1

2b351b5319ba027a44675fcc4ce83a3c8074120d
SHA256

8cf8f8abf5d2259a0046be254b20570abf0a82462a3efee0e86f7b7b3dc63c51
SHA512

9a919b6c0a8b955332535a85d8aaedac0e4762459bc703eb0b96a63684828fc737031e344416444fabc8d652eb81601f1753dd54be124058cfd39b28197ab1fe
SSDEEP

24576:NSL1t2kfjtQwah9y+o+O1wQTAhiq12++u:NUlxQRh9y+i9ko2r+u

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8cf8f8abf5d2259a0046be254b20570abf0a82462a3efee0e86f7b7b3dc63c51

Files

8cf8f8abf5d2259a0046be254b20570abf0a82462a3efee0e86f7b7b3dc63c51
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bvxzt
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yno
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vzkj
Size: 512B - Virtual size: 4KB

.lygia
Size: 512B - Virtual size: 4KB

.o
Size: 512B - Virtual size: 4KB