81d0b1cde39c78da0cea86801aa6091fdbc7b184cad24cba8064bcecc3e6334a | Triage

Sharing

General

Target

81d0b1cde39c78da0cea86801aa6091fdbc7b184cad24cba8064bcecc3e6334a
Size

204KB
MD5

b6a46b38c9f1816ef90189e857e33f89
SHA1

27a9be68bfe5b5178d1d68a2faa3870a3732eb62
SHA256

81d0b1cde39c78da0cea86801aa6091fdbc7b184cad24cba8064bcecc3e6334a
SHA512

14860b5de1ba5719e60f392bbc5134b8d3446d33ce8c989ce8d69bfc25409d616e44778e95545d4f3f6c452e417618f9e7e8535e20cbc45459456b2e2d71ff06
SSDEEP

6144:NPDLCLqIo5R4nM/4b1+Le/ozSuGA6fij6:NPKL+qT1+IozSRFfij6

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81d0b1cde39c78da0cea86801aa6091fdbc7b184cad24cba8064bcecc3e6334a

Files

81d0b1cde39c78da0cea86801aa6091fdbc7b184cad24cba8064bcecc3e6334a
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bvxzt
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yno
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vzkj
Size: 512B - Virtual size: 4KB

.lygia
Size: 512B - Virtual size: 4KB

.o
Size: 512B - Virtual size: 4KB