0172c7143feda5da5d8fa9119b0d78491e99081d2885d2a804aa0efee1281b14 | Triage

Sharing

General

Target

0172c7143feda5da5d8fa9119b0d78491e99081d2885d2a804aa0efee1281b14
Size

1.0MB
MD5

60b115830ed67926f7b6932ff1c63f06
SHA1

0eb7ac80bc6ebf7507429525fb798bfc690c2a15
SHA256

0172c7143feda5da5d8fa9119b0d78491e99081d2885d2a804aa0efee1281b14
SHA512

f3dcf6d1ac5e465d1364ee054c181150479da3dd7cb2ece3575a7b5105ba1ecda78f13d1902bb6463ddc5fcdf8e09ebd2a2ac029f8b0bc6a227acddda70faca7
SSDEEP

12288:0EQoSCDhreFUY77Igptj5kQXd0yuVy1lRycXz0iR3gzFk4cINNCYK57lsKX9WYEz:0ynYHIg3F07VyvRycXz+LcIdK974xGe

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0172c7143feda5da5d8fa9119b0d78491e99081d2885d2a804aa0efee1281b14

Files

0172c7143feda5da5d8fa9119b0d78491e99081d2885d2a804aa0efee1281b14
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.jxmnr
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lpkez
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.g
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ