76c3c45b93299ed0cfe2fa9c20b51f5307097c9ea88418b2024d95b5bf11c296 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

76c3c45b93299ed0cfe2fa9c20b51f5307097c9ea88418b2024d95b5bf11c296
Size

497KB
MD5

1183f3ae6732abee2ac76d895c39b306
SHA1

4ad33b5709e7c37e36bf1f9e5e2f0560391a65db
SHA256

76c3c45b93299ed0cfe2fa9c20b51f5307097c9ea88418b2024d95b5bf11c296
SHA512

df1a76c63cffd2a92ec21eff8b3c7ad85fc275a0a981fd0e6045d765553740fd38b7cbf6cadcc174257e75f7b1c2c6763242b85500f7d4075f64520a9ce68ad7
SSDEEP

12288:CEQoSsLC1jmMe6D1FlxjN0YdVyb17Vsw0wkDXiIRwA:CrjmMtDHlx20YbJVswRcXiIRwA

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
76c3c45b93299ed0cfe2fa9c20b51f5307097c9ea88418b2024d95b5bf11c296

Files

76c3c45b93299ed0cfe2fa9c20b51f5307097c9ea88418b2024d95b5bf11c296
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.jxmnr
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lpkez
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.g
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.d
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE