e7281fbb24b2d9bd58dbdc470d9edbf0N[.]exe | Triage

Sharing

General

Target

e7281fbb24b2d9bd58dbdc470d9edbf0N.exe
Size

6.8MB
MD5

e7281fbb24b2d9bd58dbdc470d9edbf0
SHA1

0e36ef8bbc6e4310c74d8b6cb108cd60ee3998ad
SHA256

5849716d8b6881641d337faac4893898e9f3c611653e1b7dfd0a40fa72066f99
SHA512

1e14eebec0b157ad96ab38feeb05cdbf9457d3b546e6f93eb4c2bc5a954006261872aa89fbc54caad39576e7100a02922cfe6cc76b216ce39e2e3da73ee6b269
SSDEEP

196608:AJW+B2z3L0XElkIXMXJ+6JX/ZZxMptdsuxh:0W+Ez3LLqWmx/pC

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
sample	autoit_exe

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e7281fbb24b2d9bd58dbdc470d9edbf0N.exe

Files

e7281fbb24b2d9bd58dbdc470d9edbf0N.exe
.exe windows:5 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

Sections

UPX0
Size: 648KB - Virtual size: 648KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 620KB - Virtual size: 624KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma1
Size: 2.3MB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.enigma2
Size: 571KB - Virtual size: 572KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE