4819e88e53a378a78290ea49ee80b120695647beaf52952a9a143c6a5bd1fcb6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4819e88e53a378a78290ea49ee80b120695647beaf52952a9a143c6a5bd1fcb6
Size

648KB
MD5

4c05c7bded47185197e39c40625e5e39
SHA1

54e60c2b58633ee80753fdaa7ff9481d190ff9b4
SHA256

4819e88e53a378a78290ea49ee80b120695647beaf52952a9a143c6a5bd1fcb6
SHA512

7b3a40c4764b437b8e92320e678b26674893a8009fd70717071df04cf06f2df6c62e62ad62c49bbdf3061ea64cdb643efb5f4a29ae1c3ea8c9fcd2da8d169c6e
SSDEEP

12288:eQHjYu/7YNUkL2QNHJ7bYjrE7yGslRtkLczgKwT0L34vST/Cw9brN0sC:7cu/7OZL2QNBkiy1zbwTI34vSZbhBC

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4819e88e53a378a78290ea49ee80b120695647beaf52952a9a143c6a5bd1fcb6

Files

4819e88e53a378a78290ea49ee80b120695647beaf52952a9a143c6a5bd1fcb6
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 1.3MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 525KB - Virtual size: 528KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE