acead61a9803cb3cf8f09328b08864d8817ba5d84b7fb0ec9ce5df705ee80417N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

acead61a9803cb3cf8f09328b08864d8817ba5d84b7fb0ec9ce5df705ee80417N
Size

7.2MB
MD5

4ca220da2d11a5750d8421fefc33d540
SHA1

d0d96b1606f6651f3dda84a225414a79e5180346
SHA256

acead61a9803cb3cf8f09328b08864d8817ba5d84b7fb0ec9ce5df705ee80417
SHA512

a5e8c23357214a22ba42604ab3a3461b22ec90a8b916bc9dce4b6b88e214bd60a61d617368de6ee7b75b954216931d712e95047a15ca1a83c4d7affa6d793f1d
SSDEEP

98304:JKBFgkC9uzxl6E71NKMmw7/eEmeaLnmE:2gW6Ex9/BmLD

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acead61a9803cb3cf8f09328b08864d8817ba5d84b7fb0ec9ce5df705ee80417N

Files

acead61a9803cb3cf8f09328b08864d8817ba5d84b7fb0ec9ce5df705ee80417N
.exe windows:6 windows x64 arch:x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 5.0MB - Virtual size: 5.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 352KB - Virtual size: 356KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 112KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE