259a18e492aa6a5d910e3eccfde17e90N[.]exe | Triage

Sharing

General

Target

259a18e492aa6a5d910e3eccfde17e90N.exe
Size

578KB
MD5

259a18e492aa6a5d910e3eccfde17e90
SHA1

0e272cd2dc18a660e67cfebd1628f4cd64f975fc
SHA256

eca05dc0f0821025f4960868213034d16cf1be9295e5e0bb9ce4aa4d4720317b
SHA512

8852b38eab8045221bf465567d0fbe97786c4d480c0c54795c8d550ee81be1a5b93c2314dac99fe824507faf90322125e3c9533520ec0a9bf4486388888c0005
SSDEEP

12288:0EQoSC4sOMSUUaDeU3r/27+0dqifOPIgdE3SFcZbo3kt:0kDOau7+0BKIgdECFv4

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
259a18e492aa6a5d910e3eccfde17e90N.exe

Files

259a18e492aa6a5d910e3eccfde17e90N.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.jxmnr
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lpkez
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.g
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ