General

  • Target

    HEU_KMS_Activator_v42.0.4.exe

  • Size

    4.4MB

  • MD5

    d9aa16c92e6d7586317fd5b44810ee98

  • SHA1

    78a38eb1602ba946aea808bdbea006fa4227afc5

  • SHA256

    57de0e454d59ff0ccec9257d8b3b9d7758ef29544127e7f19379f2583046e889

  • SHA512

    ad8980c759e1842a327300fa3c65db575b0cc8fcbbffb25fbdd9d677155ac87832e7c4538a7da59d0602d6993d52f500a8317bb5bfe731ef5269d0bdb308c76b

  • SSDEEP

    98304:3+S9bgTWa7f1TxeCwBnLIB3DRsKzoVMRuT7mGfVmH68YeOq8:OMcTWa79TDwB8B3DUVLnmKVma8VP8

Score
7/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • AutoIT Executable 1 IoCs

    AutoIT scripts compiled to PE executables.

  • Unsigned PE 2 IoCs

    Checks for missing Authenticode signature.

Files

  • HEU_KMS_Activator_v42.0.4.exe
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections

  • out.upx
    .exe windows:5 windows x86 arch:x86


    Headers

    Sections