3150133529de089917e536ec2a54475ac6f520dcc7ff8b0f6f1587232f7bddd1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

3150133529de089917e536ec2a54475ac6f520dcc7ff8b0f6f1587232f7bddd1
Size

1.1MB
MD5

a986bec4dd4e2f926c3981c5f348bfa5
SHA1

f9d6e3f99b8aa8781041459a4383579cc6917ec3
SHA256

3150133529de089917e536ec2a54475ac6f520dcc7ff8b0f6f1587232f7bddd1
SHA512

49db02c10bca34ffff942eee562a11162871e3d40c3076a890c1a72bdeccf102900bb7aa31c5b91bb71bc6e7e7e46e9d888dedde49b499e1a803c33378cb483f
SSDEEP

24576:NSLY/PNcJaIgCZ+LDHXnZZPbodwbwC25FmXekGMAMUP5265:N7aJagQ/HXnZd0dwbcLdiAMUPF

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3150133529de089917e536ec2a54475ac6f520dcc7ff8b0f6f1587232f7bddd1

Files

3150133529de089917e536ec2a54475ac6f520dcc7ff8b0f6f1587232f7bddd1
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bvxzt
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yno
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vzkj
Size: 512B - Virtual size: 4KB

.lygia
Size: 512B - Virtual size: 4KB

.o
Size: 512B - Virtual size: 4KB