b73fe16a16c05b419706179a8083b660N[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b73fe16a16c05b419706179a8083b660N.exe
Size

487KB
MD5

b73fe16a16c05b419706179a8083b660
SHA1

74d5f168b40ad4e4e8de88c137a74812fcf0b98c
SHA256

37902d9ad9448a325cf82e558c2dac5ad2a50b0204fe9a43eaaa1e8856014b54
SHA512

457909c0b16df2eaafb420c70bffb2b7a218eb30ea4b5c06d7fdf0eff7fcbc135a3970ba354f14144689821bb93a1ee2f9655fd49149e2a1c869f40fdad68855
SSDEEP

6144:xcm4FmowdHoSkhraHcpOFltH4t+IDvSXrh5g8hZTydOAkOCOu0EajNVBZr6y2WXK:74wFHoSceFp3IDvSbh5nP+aj

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b73fe16a16c05b419706179a8083b660N.exe

Files

b73fe16a16c05b419706179a8083b660N.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 104KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

tkjdelw
Size: 40KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ