801066b3e4c457114bde502ffb7c64c7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

801066b3e4c457114bde502ffb7c64c7
Size

678KB
MD5

801066b3e4c457114bde502ffb7c64c7
SHA1

3608481b2950d8c8ebae46f5ca534fa52e077a89
SHA256

5f83fa1680837b776b791265f2073ff71fac5876f22557550d357db017afa8df
SHA512

cfaeb65d01cd60f107e9687768f438302747915083e6cc69f5a5aed1ea2fbd1bcbbf6e041f01b3bd8cc34bd1f7e4eed7e1ddbd77f8528395956a0e522c35dd5a
SSDEEP

12288:SEQoS/+V+Mtgu/6rwtlQe++ryONl/kq6T5+F9AHT+HQSzoT/3J2KBrH36:ScculY+B/9iPS0T/52KNH36

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
801066b3e4c457114bde502ffb7c64c7

Files

801066b3e4c457114bde502ffb7c64c7
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.jxmnr
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lpkez
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.g
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.i
Size: 512B - Virtual size: 4KB