516484242324b0a5ee900daf9271d184 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

516484242324b0a5ee900daf9271d184
Size

254KB
MD5

516484242324b0a5ee900daf9271d184
SHA1

ac30e6838c1673227e357713a16e47c99f1172c8
SHA256

c63809f2dac281e17a90084a794c09b88714669e886b4c55905dcc6cf14b4ce3
SHA512

e9058ce76644d90feb4603a07bc25a3ae6c513b275942af0c9ab35354e78ad91163dc5aeca63e173091cf3278bd4a27d768340dbffa4dec7d9b342806e227694
SSDEEP

6144:NPDLCLqIo5R4nM/4KPI9Gqg5jSLEvswdCEEfL7kdzl9:NPKL+qSPI9Gqg5BvD5Vv

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
516484242324b0a5ee900daf9271d184

Files

516484242324b0a5ee900daf9271d184
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bvxzt
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yno
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vzkj
Size: 512B - Virtual size: 4KB

.lygia
Size: 512B - Virtual size: 4KB

.o
Size: 512B - Virtual size: 4KB