e262a847a7a3f60683c97b1947eb4dce563da96d6c997a3c6d805ff6fd5f340a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e262a847a7a3f60683c97b1947eb4dce563da96d6c997a3c6d805ff6fd5f340a
Size

12.3MB
MD5

7e2569b380cf98194b2065cbbb7369bc
SHA1

cec50ca87f64f4fb1adebaca53799aca63dd72f7
SHA256

e262a847a7a3f60683c97b1947eb4dce563da96d6c997a3c6d805ff6fd5f340a
SHA512

4c62329590ae96ca39d9dbff583ef769c0889ed88f3d7429814a41490afab9c784911f190d197d97d19337c9fc2b15f609f26346eefdca8e7be9fdee9f7c3094
SSDEEP

393216:vpdVaWUwFkf1wu9FS0LQtn7M+YCWU7IBB1CGG:vpxUwWj9EXB7MVCWoIBBIGG

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e262a847a7a3f60683c97b1947eb4dce563da96d6c997a3c6d805ff6fd5f340a

Files

e262a847a7a3f60683c97b1947eb4dce563da96d6c997a3c6d805ff6fd5f340a
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 35.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 12.1MB - Virtual size: 12.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 140KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE