8af67de66d0520cf3662993be7135eb3ae0129b6590c1f3b65144d47bb870366 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

8af67de66d0520cf3662993be7135eb3ae0129b6590c1f3b65144d47bb870366
Size

111KB
MD5

56832a0066ab004179332dc9da5bb858
SHA1

7a0a6a5664cafd9bedda8aa8366d8003ea5b2f16
SHA256

8af67de66d0520cf3662993be7135eb3ae0129b6590c1f3b65144d47bb870366
SHA512

5222b67050ff57f89dcb234ecd5e84e4f411201408eeca5485801519429c3e3aa3111f2f72f2f52935acb9713007478c849b94460b1327bab4c873c85606dac6
SSDEEP

1536:ELNIW39SaZTbFARlq7jC1OZstZu0TSVEdUJWTWd18fD:ELlbZTZX3BAtTSVEdUJWTWd18fD

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8af67de66d0520cf3662993be7135eb3ae0129b6590c1f3b65144d47bb870366

Files

8af67de66d0520cf3662993be7135eb3ae0129b6590c1f3b65144d47bb870366
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE