624ed1966a7cf265d473fcf923dd759713cc65969120ae1f9b53fe96ecfc12c8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

624ed1966a7cf265d473fcf923dd759713cc65969120ae1f9b53fe96ecfc12c8
Size

9.2MB
MD5

708ff80a62a07c7736c4239ece3b9534
SHA1

951c3f42fdd57040db6e7ad31d274e0d810f3c47
SHA256

624ed1966a7cf265d473fcf923dd759713cc65969120ae1f9b53fe96ecfc12c8
SHA512

c7be4f9f9e56995a9e819ca0448f57ec1179006c1f5402fe026f83f4b60e1c58ecfa10851ef4eb779f8db5f926be3d0fa89d1d5f8cea27397c3dce3f807d2fa7
SSDEEP

196608:PMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMP:PMMMMMMMMMMMMMMMMMMMMMMMMMMMMMMu

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
624ed1966a7cf265d473fcf923dd759713cc65969120ae1f9b53fe96ecfc12c8

Files

624ed1966a7cf265d473fcf923dd759713cc65969120ae1f9b53fe96ecfc12c8
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 80KB - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE