5bf216cde0cb1d429133c9566d682507dcefa2cc6e1a1a54f0dc9e0fd6bcbf26 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5bf216cde0cb1d429133c9566d682507dcefa2cc6e1a1a54f0dc9e0fd6bcbf26
Size

151KB
MD5

221b3e1d84df87e5135cdb818a2c6d79
SHA1

d79975a74a98f98134628e10f4fbb0b1e616b107
SHA256

5bf216cde0cb1d429133c9566d682507dcefa2cc6e1a1a54f0dc9e0fd6bcbf26
SHA512

f10882b57a326100f40bf84f592030f9035d84806e356ee3900716adf91c1f58837d514195c29edf059404257ff97aaf5457d669de7cb1ee8a47e2fcee904d58
SSDEEP

3072:5FXa6uj4diHrOJRsELgv0nBJfiuj1iEE2RC7B6fdbilLbIkgIQ2H2c:fu0iHr6uLv0L6A1ib00AfdbilXIkxQq

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

5bf216cde0cb1d429133c9566d682507dcefa2cc6e1a1a54f0dc9e0fd6bcbf26
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 344KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 141KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 464KB - Virtual size: 461KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ