0e4e8da5238ec3615bef21609044662f | Triage

Sharing

General

Target

0e4e8da5238ec3615bef21609044662f
Size

910KB
MD5

0e4e8da5238ec3615bef21609044662f
SHA1

2b51dfa8108eeaa493d7508be2504d9e5da64cd1
SHA256

41a449dbcbb72dd8114ee96dfc6f4e946d3913cf05ff878301ff75093e293f69
SHA512

fef004049656b506edc172d16fb195d147a925cf0f4b621266926a4b70fe4dd5f12c2465f370d83d7187bf12593da02b0dce93bc3f7a88105f4f818314c76fd8
SSDEEP

24576:SKwXixeW1YC9t23t6TmtI0bM7rko21XX3eK:sixeCYCid/6rk7hp

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e4e8da5238ec3615bef21609044662f

Files

0e4e8da5238ec3615bef21609044662f
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.jxmnr
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lpkez
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.g
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.i
Size: 512B - Virtual size: 4KB