12d9200f2fa543da04bf7e5778e87cca3b21eea9ad2f5cd5ce2fe9774e1f9d44 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

12d9200f2fa543da04bf7e5778e87cca3b21eea9ad2f5cd5ce2fe9774e1f9d44
Size

1.8MB
MD5

2b15a3db9dbda2284dc72d4869fe6997
SHA1

76e13ba74f63936ee3ee58959c5404e0edccfec9
SHA256

12d9200f2fa543da04bf7e5778e87cca3b21eea9ad2f5cd5ce2fe9774e1f9d44
SHA512

2299abc5c3f22b989f38ebee0785c7dcf75e37c3b2ff119b6852158a259e66f2707eb5c2aec58f106c8a650ab43a334d560a29612c22cb5db51ea5f7113276d1
SSDEEP

49152:JHI3S9an+k0vS0E3eMkNNWgsYTiDCbUbyB6:JuSlk+SB3IadYTibWB6

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
12d9200f2fa543da04bf7e5778e87cca3b21eea9ad2f5cd5ce2fe9774e1f9d44

Files

12d9200f2fa543da04bf7e5778e87cca3b21eea9ad2f5cd5ce2fe9774e1f9d44
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.jxmnr
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lpkez
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.g
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.d
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE