81080e6129580f31d41dba59ec69e8bef38736dfcc223d50a3b4aaccf711046f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

81080e6129580f31d41dba59ec69e8bef38736dfcc223d50a3b4aaccf711046f
Size

991KB
MD5

f0f6f5969c92b6bc9cc7b694e597980b
SHA1

693413456cb6af512950a84a6f0fa056b45e1099
SHA256

81080e6129580f31d41dba59ec69e8bef38736dfcc223d50a3b4aaccf711046f
SHA512

48782629c8c10676e15f0d3696cc2d498c6270204a7385072db0a69a2aaa6fa0b32f38ba93ac177a69494ca5d7e08c89e7c7a81e662bacc8902721a45d62d90f
SSDEEP

24576:bv2BLHSn6q1v8c5YNei+1ZC58vH8sSMv+WFzQa1bek:bxn316Nei+1ZCQ8sj+WF1N

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81080e6129580f31d41dba59ec69e8bef38736dfcc223d50a3b4aaccf711046f

Files

81080e6129580f31d41dba59ec69e8bef38736dfcc223d50a3b4aaccf711046f
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 368KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 217KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

mgrq
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 740KB - Virtual size: 740KB

IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE