0a6232c6b6f8865e86adbd8cb235b51a85bfd27ac34555aacb82d15a40e226d8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

0a6232c6b6f8865e86adbd8cb235b51a85bfd27ac34555aacb82d15a40e226d8
Size

4.9MB
MD5

a8f9c2b3d2d4a529eb7087615660401b
SHA1

527699d03466a6178e793c1239346c531ada8f6d
SHA256

0a6232c6b6f8865e86adbd8cb235b51a85bfd27ac34555aacb82d15a40e226d8
SHA512

c2f93e1ae162df6e303f6f1e9af8a3b09514f83410202816f87302aaa6cc622679579e7365a80a704d458cfd74af6d3d124761590959edbf9b8583f846a4a440
SSDEEP

98304:wl9dDf47aIkWB0RqgXghp9HcsWmz7c/xo9c:m9YaIkWaRvghf179c

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a6232c6b6f8865e86adbd8cb235b51a85bfd27ac34555aacb82d15a40e226d8

Files

0a6232c6b6f8865e86adbd8cb235b51a85bfd27ac34555aacb82d15a40e226d8
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 10.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.9MB - Virtual size: 4.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE