4e25841bc1f39c043791e4e27b0e3f30N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

4e25841bc1f39c043791e4e27b0e3f30N.exe
Size

208KB
MD5

4e25841bc1f39c043791e4e27b0e3f30
SHA1

8886859f5c1f546c14ed167601f618a47781773a
SHA256

826c1207d8f4a04a57b45fe233414f7a3e5c7fbd74e75e21e4b1ea9ebf72e4a1
SHA512

c191023eeddec4845b4a0466f00c52cb5b39d4bb8d441308960b2c90d1f68d1874930ccf386eb0cf8d52da081789dedb5d71849d4d3725f5e98d02d69cc13c70
SSDEEP

6144:TBHX8Ngh6+UyPrw9pBR07U8d6orh7rnI/farQ:t38GLPrS0QeVofar

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4e25841bc1f39c043791e4e27b0e3f30N.exe

Files

4e25841bc1f39c043791e4e27b0e3f30N.exe
.dll windows:4 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Exports

Exports

PyInit__stats

Sections

UPX0
Size: - Virtual size: 532KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 206KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE