c3270f2e6dc9cda7d4f174bde928d1e09273c0730f39750b9a6a616f696d9c2e | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c3270f2e6dc9cda7d4f174bde928d1e09273c0730f39750b9a6a616f696d9c2e
Size

407KB
MD5

df449f53737b4e8f1be8f1188910af66
SHA1

2d2711e08f9ff39d81a05a221ac8ecde6f8e960c
SHA256

c3270f2e6dc9cda7d4f174bde928d1e09273c0730f39750b9a6a616f696d9c2e
SHA512

40a45116bb56eb37e174d96d19517bcf8cdbabbf72663dd3ef23a15664c7a3372eeba0c1a9db7c6a3b326c0af69b8668539493c3bd40d0ef8f58503009ac364b
SSDEEP

12288:UuMvSYOEIj7nzfMTeXF8mtaNMo+NMH+SQ9sjBf:HHzfMTw8Uo0iWuJ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c3270f2e6dc9cda7d4f174bde928d1e09273c0730f39750b9a6a616f696d9c2e

Files

c3270f2e6dc9cda7d4f174bde928d1e09273c0730f39750b9a6a616f696d9c2e
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: - Virtual size: 3.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 525KB - Virtual size: 528KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE