2986a5025c3e1bcc210c6455b72fdb70 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2986a5025c3e1bcc210c6455b72fdb70
Size

529KB
MD5

2986a5025c3e1bcc210c6455b72fdb70
SHA1

f6461838d3e9ee1c75f7ab87d4a82f5cd5d29a00
SHA256

31feae8b489e47dc70a2b42fa51cd768ceafefd3971dc81289560a1b9161d0f7
SHA512

9126948af94e77b071444936539f0c0d72d3ebd90789d11f34328009991299c5654934b75c7c36e0e06c37c26c598311a91a43c42220b6c644257f24bc44cb3f
SSDEEP

12288:xEQoS+qhIJGF57E9BsxlsjOG/8rGClGtEy+KEMp:xnIU5g9BsxWV+GClvjK3

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2986a5025c3e1bcc210c6455b72fdb70

Files

2986a5025c3e1bcc210c6455b72fdb70
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qhx
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sy
Size: 512B - Virtual size: 4KB