3868ee72fd5d5043e6cf1c559bc4f2a8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3868ee72fd5d5043e6cf1c559bc4f2a8
Size

1.5MB
MD5

3868ee72fd5d5043e6cf1c559bc4f2a8
SHA1

e660a18cf518ff76cc271d1469094e52f66d0682
SHA256

682b02013ec95d68baf4b1b0012731dc61716dda470c8834c5e3b0e760c5e4d2
SHA512

a8d2604b08952ad5b82cfe49413642d463ccf9d64f4265ebbebb933ce5547fb2fbad2e572ceab781fcbcd303e61001d2d452bc3b02af35a9f23b2f5d7d9f2382
SSDEEP

24576:ZJ8Iuu8h+qXNfPh+fq2zCsUWifYxnUrtLZKv6nWgwlO7EJwIPwNYDVtAkJ+aIQ:D2u8hNXNfPh+l4fYEGcWDlOAeIwSnAV8

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3868ee72fd5d5043e6cf1c559bc4f2a8

Files

3868ee72fd5d5043e6cf1c559bc4f2a8
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.jxmnr
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.exjvk
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lpkez
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ