0e0c5e9ecc73fee867200d41d5134f19 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0e0c5e9ecc73fee867200d41d5134f19
Size

639KB
MD5

0e0c5e9ecc73fee867200d41d5134f19
SHA1

95a9f083ccf998afd117ff8abeb1f98806f56949
SHA256

f30a4e83832f273d2ee0c7d33eaff4f124f8b02d701836282c1d557c1271ff4d
SHA512

cb1c2f4299d446c88982a66800b36cd829c1ae039fd43a431017ea75b854e40a4dc40d4c15fa411b7c352c9b4ec891ff410e5e3753eb3b3f98905014063e71db
SSDEEP

12288:tEQoS9qhFv9g2U+z922+WDqyvcdvtImuGXomaI4Ex6kceAPriPDRNV4:t23rUQ9vqyvcdvt+G4mn446feAPrKV4

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e0c5e9ecc73fee867200d41d5134f19

Files

0e0c5e9ecc73fee867200d41d5134f19
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.btnj
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.t
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE