73ff7b8ea5c1faa150ae3ce94f90ac80N[.]exe | Triage

Sharing

General

Target

73ff7b8ea5c1faa150ae3ce94f90ac80N.exe
Size

2.0MB
MD5

73ff7b8ea5c1faa150ae3ce94f90ac80
SHA1

c0d1a662291fe81a9ed4da636c28007fe6bfbbec
SHA256

b2810476c9e4bc28ba1df952d7e33f8727cabceeb542c2272776fdf6c64fed8e
SHA512

03541bf09e4e233c9af022a91646d096f27724f3d6f75f5c9cfa854599cca32c253146c530b9e49bc71cb84a9a8f8b66f98b29f895e68571c96631110326d230
SSDEEP

49152:brcYDbsu9oiWpI9As9gVdtVBzKweo29LGF3zEs0J3lM:brzDP9L9Ai+dtrKwioBsu

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73ff7b8ea5c1faa150ae3ce94f90ac80N.exe

Files

73ff7b8ea5c1faa150ae3ce94f90ac80N.exe
.exe windows:4 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 56KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bvxzt
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yno
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vzkj
Size: 512B - Virtual size: 4KB

.kemyz
Size: 512B - Virtual size: 4KB