86bed37e7c29be3125f49ecda8152a22e630822169b37e88da0510e149399555 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

86bed37e7c29be3125f49ecda8152a22e630822169b37e88da0510e149399555
Size

584KB
MD5

9a66f7fe5818ebed80fa723a23aae554
SHA1

136e1039d73213d1594954df4605de2c7278e38c
SHA256

86bed37e7c29be3125f49ecda8152a22e630822169b37e88da0510e149399555
SHA512

9c80f6f4e674e077c7261a02a185bf0266923da6b8ad4e84e762fd7487d58ca781f94d712a9f7cc2d68d84d1b6b0625c27b3909424d3a3b12254152aba3cb7f2
SSDEEP

12288:6plrVbDdQaqdS/ofraFErH8uB2Wm0SXser5FU:WxRQ+Fucuvm0as

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
86bed37e7c29be3125f49ecda8152a22e630822169b37e88da0510e149399555

Files

86bed37e7c29be3125f49ecda8152a22e630822169b37e88da0510e149399555
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Exports

Exports

?EngineProc@@YGJHIJ@Z
?process1@@YAHHHHPAD@Z
?process2@@YAHXZ
?process3@@YAHH@Z
?process5@@YAHH@Z

Sections

UPX0
Size: 330KB - Virtual size: 1.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 188KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE