68d0aa9c8201b7cf6e10d03731d31ac6e063ed3c07dd0edb4ef8108f58d7ccab | Triage

Sharing

General

Target

68d0aa9c8201b7cf6e10d03731d31ac6e063ed3c07dd0edb4ef8108f58d7ccab
Size

137KB
MD5

913f8f8135483ee07a0bae74b4f54bc0
SHA1

18fd90fb7712a660048ab8b3ef93e77bdd447557
SHA256

68d0aa9c8201b7cf6e10d03731d31ac6e063ed3c07dd0edb4ef8108f58d7ccab
SHA512

c2dbf280eab6924552a72c50455eeb5874108ed003c17c4bc46bb84c1e1f289761db46bc53aee07217b41ea7f5284c7631f4b2f3079776aeee79aa378cebace5
SSDEEP

3072:jdEUfKj8BYbDiC1ZTK7sxtLUIGf7fKCibr:jUSiZTK40PfKCibr

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
68d0aa9c8201b7cf6e10d03731d31ac6e063ed3c07dd0edb4ef8108f58d7ccab

Files

68d0aa9c8201b7cf6e10d03731d31ac6e063ed3c07dd0edb4ef8108f58d7ccab
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 496KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 75KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ