6fe27b5e39590f30b54453dc63a718abc88cfd80716005f302618ce0f98a4e83 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6fe27b5e39590f30b54453dc63a718abc88cfd80716005f302618ce0f98a4e83
Size

457KB
MD5

5570989f8dc1d02292dcf95f8617c15e
SHA1

8ebb1813e5a7ddcb8419c81b844c624cf7e1ddef
SHA256

6fe27b5e39590f30b54453dc63a718abc88cfd80716005f302618ce0f98a4e83
SHA512

d73bae6284c20a8e1c054d37c2b2047d360b363e9195d2334456eb6e2c7e4e04830fb1cb1fdb3faa338ab620508e5b8f890c99fd151db0bcc9c055546600e5d9
SSDEEP

6144:/rTfUHeeSKOS9ccFKk3Y9t9YZjR1ii4KJYjBNDtk/GenjINI1IguWIX:/n8yN0Mr8Z9ybDje11ZK

Score

10^/10

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6fe27b5e39590f30b54453dc63a718abc88cfd80716005f302618ce0f98a4e83

Files

6fe27b5e39590f30b54453dc63a718abc88cfd80716005f302618ce0f98a4e83
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

FKP0
Size: - Virtual size: 18.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

FKP1
Size: 203KB - Virtual size: 204KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE