77077c8b8d9027cecead488a4e79cb702d7a864c9300589d58fe117c7a0ef169 | Triage

Sharing

General

Target

77077c8b8d9027cecead488a4e79cb702d7a864c9300589d58fe117c7a0ef169
Size

121KB
MD5

1dfd881fcb5a29eed8117d02adbf4b53
SHA1

653dcd86c0bd75b63f042be53ab1bd832e6e28b2
SHA256

77077c8b8d9027cecead488a4e79cb702d7a864c9300589d58fe117c7a0ef169
SHA512

6cd06e61501624f4522bbdff7135a6098d9cc6d587905854ec32d0e896ac44890ed576764a7fa9c9ebcbfc8ac33616dca22b3ceaa9ba17e9ef5df9a79fc20712
SSDEEP

3072:gjbLl/gvQoutp1Tj4mYWR/RW7ozCxkHSGM7AH8:gjluQoS3Io5RLzC8SGMz

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77077c8b8d9027cecead488a4e79cb702d7a864c9300589d58fe117c7a0ef169

Files

77077c8b8d9027cecead488a4e79cb702d7a864c9300589d58fe117c7a0ef169
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_NO_BIND

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.gtcl
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.kxvu
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.psfx
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oncez
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bsp
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ