up[.]exe | Triage

General

Target

up.exe
Size

6.0MB
MD5

8425e673b6094a7aed403ce9e929e5ea
SHA1

64a5177acccf40a75f15d007f087c59427e9945f
SHA256

ca29f7a737b13b21c5a655bfc4beb5e224a2d210c849a92522139fcb743e3026
SHA512

702b3a58755c5dfcf23583f62b7f5e18a87cb028cdf2e91e0713d9a4a1042784fbee9e2d3836db3e7ffd1c325e9e0563bff15f8586a10dc76bf1a16453facf35
SSDEEP

98304:pWE5GCucN+rbyT++M8kbsFNs2lKi7Og4IBfdfPYktuQN0FjS50Qp6HU5:p95Evrb0MJb8Rsi7nRBAktJN0FmmQWU5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
up.exe

Files

up.exe
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

Size: 461KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 29KB - Virtual size: 52KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 39KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4.7MB - Virtual size: 10.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 335KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

Headers

File Characteristics

Sections

Size: 461KB - Virtual size: 1.2MB

Size: 29KB - Virtual size: 52KB

Size: - Virtual size: 56KB

Size: 12KB - Virtual size: 16KB

Size: - Virtual size: 4KB

Size: 512B - Virtual size: 4KB

Size: 39KB - Virtual size: 76KB

.rsrc Size: 4.7MB - Virtual size: 10.4MB

.data Size: 335KB - Virtual size: 336KB

.adata Size: - Virtual size: 4KB

.rsrc
Size: 4.7MB - Virtual size: 10.4MB

.data
Size: 335KB - Virtual size: 336KB

.adata
Size: - Virtual size: 4KB