2e4d4a1495039183d6a0dbc29eaa76a607afcef6496a0217bd6a56cd429cdf3d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2e4d4a1495039183d6a0dbc29eaa76a607afcef6496a0217bd6a56cd429cdf3d
Size

11.2MB
MD5

b1bdd3c103b4d9df2936e619721e65b4
SHA1

061aea1d2f62132a73a4e2a180a0e969d8346655
SHA256

2e4d4a1495039183d6a0dbc29eaa76a607afcef6496a0217bd6a56cd429cdf3d
SHA512

7103cf38ffdca666ac432cf11ac9d0ff77808045c941318240be0edc9a7a0bdb1708ba361f9765c9ab529df92b1e4657e1fdcde17491b51734647fe0f8675ef7
SSDEEP

196608:KbW8IihkfVk4K6A824RFvxCPYuPwm2QCA4xjs8XAy5PP9JjZ7FhuVgAWqY3sjBiB:MIiwxAePxGIA6gqq2

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e4d4a1495039183d6a0dbc29eaa76a607afcef6496a0217bd6a56cd429cdf3d

Files

2e4d4a1495039183d6a0dbc29eaa76a607afcef6496a0217bd6a56cd429cdf3d
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 24.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 11.2MB - Virtual size: 11.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE