General

  • Target

    4369a932cc794beb24a7cb49607d29e00da918be302bf67d2c8fce7f02635bca.exe

  • Size

    152KB

  • MD5

    ffe46ff29f379462c416c8e7c7816044

  • SHA1

    bc6f80661819aa1611eab73d5ffe368cfe1d1439

  • SHA256

    4369a932cc794beb24a7cb49607d29e00da918be302bf67d2c8fce7f02635bca

  • SHA512

    1a8409df32a7717b5186ad30d4f3613a30739c36e845539836e069d1800a8b0953c38aa58e17b183f76dcd236bfbf3d5467ada1e6d3f70e91b2a29d6a58e24f9

  • SSDEEP

    3072:QvnBaaWJ89cnN5eo749OJo9VD96fzfZNHhUPdcLF3iA:QvncX29cfv40Sf9ENHuPdk3Z

Score
5/10
upx

Malware Config

Signatures

  • UPX packed file 1 IoCs

    Detects executables packed with UPX/modified UPX open source packer.

  • Unsigned PE 5 IoCs

    Checks for missing Authenticode signature.

  • NSIS installer 1 IoCs

Files

  • 4369a932cc794beb24a7cb49607d29e00da918be302bf67d2c8fce7f02635bca.exe
    .exe windows:4 windows x86 arch:x86


  • $PLUGINSDIR/System.dll
    .dll windows:4 windows x86 arch:x86

    4ec328f99bdd944fc98d8a5cf11f7a62


  • $PLUGINSDIR/UserInfo.dll
    .dll windows:4 windows x86 arch:x86

    48cfa0ea7e353e4a7dd23572da8374ef


  • $TEMP/gtalkwmp1.dll
    .dll regsvr32 windows:4 windows x86 arch:x86

    09b4009ab39e5a5e4279f4e16a986352


  • out.upx
    .exe windows:4 windows x86 arch:x86

