aae20026571bdd9ba27ef0270b89e990N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aae20026571bdd9ba27ef0270b89e990N.exe
Size

320KB
MD5

aae20026571bdd9ba27ef0270b89e990
SHA1

c998f2a4daad2d135bfc795bbcf95dc5e7c7b99d
SHA256

1b675c11ae870df6e693a4120fdce11df01ce3b13e9b3329b5c98f662b05d648
SHA512

fc515cd89f289205d866b8b5d858c8e5ae4181bcf80f5fab6f41091d0edb1315232ab7a1f64c5a3af17bc979460dd69f86be027ddca741dd883178babdf91ea4
SSDEEP

6144:FM/KCMnvDwudgzPklcx1iYd5E3broZbTO+Rdnyie58Jy4lue/Dvdy4:G4nvcudQPiYdtZbTRbAJer84

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aae20026571bdd9ba27ef0270b89e990N.exe

Files

aae20026571bdd9ba27ef0270b89e990N.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

.nsp0
Size: - Virtual size: 812KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nsp1
Size: 318KB - Virtual size: 320KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

��үү
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.PKLITE
Size: 17B - Virtual size: 17B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX1
Size: 22B - Virtual size: 22B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX1
Size: 31B - Virtual size: 31B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lame
Size: 26B - Virtual size: 26B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.UPX2
Size: 46B - Virtual size: 46B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ