2A58E995450C2B5C22E73386A861933ED0C11F34CAB59EEC2076DFF6291D1A1B | Triage

Sharing

General

Target

2A58E995450C2B5C22E73386A861933ED0C11F34CAB59EEC2076DFF6291D1A1B
Size

4.0MB
MD5

5a4e5454977ef57754968be2b696adcf
SHA1

0a008f2cff955a31ad28efa8638c1aa7a31a1fde
SHA256

2a58e995450c2b5c22e73386a861933ed0c11f34cab59eec2076dff6291d1a1b
SHA512

861f29bcef1493642f6cd67e5af7ebcc808dbee71c246661b2589cc1fa194590aed61a913a834a96b49c5c4e67a08c69ed412817bb5707af6f38a5ca7661b6bf
SSDEEP

98304:iLibQ0j4sOdtAaEmufAwJeKF/qna8tGVH2dveYcgq35RTjYE4:iGbQY4ROaVur2oVMcgq3DYj

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

2A58E995450C2B5C22E73386A861933ED0C11F34CAB59EEC2076DFF6291D1A1B
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 9.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.0MB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE