General

  • Target

    Quotation.exe

  • Size

    551KB

  • MD5

    235fd45bf6dbc62b5310a71e761ee5a6

  • SHA1

    3ffdfbd18c6259fbc62c3cdc1f82977f9808143a

  • SHA256

    d3956670c2fb4ab0739bff8f47efc5f6accc848960a9ec11e8bb1849dfc8a59d

  • SHA512

    ed7b8ec2019001dfc16ab8161579104cb0d7adf7795507d23d0ddd3a0b455b46d7844e30e56bdf07567c7bff0be124b4d4ad93ad7310bc6c1817b28b3c417d82

  • SSDEEP

    12288:3YV6MorX7qzuC3QHO9FQVHPF51jgc322X3x+XorsE5hl7qS:EBXu9HGaVH35X34pE5hlR

Score
7/10
upx

Signatures

  • UPX packed file (1 IoC)

    Detects executables packed with UPX/modified UPX open source packer.

  • AutoIT Executable (1 IoC)

    AutoIT scripts compiled to PE executables.

  • Unsigned PE (2 IoCs)

    Checks for missing Authenticode signature.

Files

  • Quotation.exe
    .exe windows:5 windows x86 arch:x86

  • out.upx
    .exe windows:5 windows x86 arch:x86