6173286d2c18f203619d824731caeb52cbf2359efcc111c401ee5134f319abad | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6173286d2c18f203619d824731caeb52cbf2359efcc111c401ee5134f319abad
Size

154KB
MD5

855bf31bb9cfd4dd9b29b89664f28e20
SHA1

2b21dd665ca0cf60b028a5739832adccc1091f0c
SHA256

6173286d2c18f203619d824731caeb52cbf2359efcc111c401ee5134f319abad
SHA512

a0b89bc0f8a3bfd410ba39aa64b8c301b73734785a51e2185d62ec5a32252aa497f933db8cc4be9cf8350e5f0a844417fca16111b55ac4361f87ea8282a57433
SSDEEP

3072:Q79l86WqGzIfjZIVPXwu7xXIeout9nr7Xh1aQM:QrzW/zeZiPpOeoS9/Xh0QM

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6173286d2c18f203619d824731caeb52cbf2359efcc111c401ee5134f319abad

Files

6173286d2c18f203619d824731caeb52cbf2359efcc111c401ee5134f319abad
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 89KB - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE