63eb7856ec1282ab8151f5dcc753c92149e1c45371746c16a776eaeb1f2a7ebe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

63eb7856ec1282ab8151f5dcc753c92149e1c45371746c16a776eaeb1f2a7ebe
Size

218KB
MD5

f891a2387d6056abfa6015282f5ebbcc
SHA1

728f025360cf24b4500765a10a53555340cad906
SHA256

63eb7856ec1282ab8151f5dcc753c92149e1c45371746c16a776eaeb1f2a7ebe
SHA512

0c052539c896c94c252b7f982ae3c119686c37bdc10114455b9c27f8d316ff8ecec46dbd28208b8f7344546a3de441da2f1044fbeb379816907abd3e1528e904
SSDEEP

384:iCOb9DtMLKquLZH5RplV9Q5i3WLwhCVurJV0aKGQS6hL0VwFD8UKpY1X3mh:12MLK5NHrxc+fuco2UKpY1X3

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63eb7856ec1282ab8151f5dcc753c92149e1c45371746c16a776eaeb1f2a7ebe

Files

63eb7856ec1282ab8151f5dcc753c92149e1c45371746c16a776eaeb1f2a7ebe
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: - Virtual size: 60KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tc
Size: 195KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE