General

  • Target

    WhatsApp Images - INVACO PVT.exe

  • Size

    647KB

  • MD5

    f62ce68dfaa4fedd2fa52462cacfb469

  • SHA1

    08b72552d6b1dd32700b2f793c808693a4149709

  • SHA256

    d35ce3c05cc9670b5f3f0ec95f63e0ac8d3df6aae8bb2243cda70f9ceb99230d

  • SHA512

    a96ce720d33c425f1ff4816b1b715a3843161d301d805d5593f150a419387bf3b1fa16b94e1cdaa6a9c25a018592d127b90d47c19b44a9a080da77826ca81b68

  • SSDEEP

    12288:2sHzOUNUSB/o5LsI1uwajJ5yvv1l2HiG84Ol2YK7AP/0oBW4D+:ZiUmSB/o5d1ubcvqgtltOA0oh+

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • AutoIT Executable 1 IoCs

    AutoIT scripts compiled to PE executables.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • WhatsApp Images - INVACO PVT.exe
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections