5ac8a8335b069169ad4c25015f47a9e7748b9eba0dc25b2eec592a00e65c228a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ac8a8335b069169ad4c25015f47a9e7748b9eba0dc25b2eec592a00e65c228a
Size

407KB
MD5

7241e1c6f71ebe002695c1fd2ddc5248
SHA1

c82d70fe5cfe2a14f73e9a95b921f7727902ffee
SHA256

5ac8a8335b069169ad4c25015f47a9e7748b9eba0dc25b2eec592a00e65c228a
SHA512

2e2cade289b9bd273f2eca8f58eba42a28949eec83bd5f94d70f4b3542260aff5ff03d9af8346a0c7e4ea9cd0be3456dbfa8a71a9b7086db25432cc23491689b
SSDEEP

6144:VTNP6KfUYq2NT27kPSb8iGzZwf7t/VwpALbN6ehVvQB7YHZaTFVSek3lnxiVy5:X6UlJ27ASblKZct/V4WbZQ8eSlnxp

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

5ac8a8335b069169ad4c25015f47a9e7748b9eba0dc25b2eec592a00e65c228a
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 552KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 404KB - Virtual size: 408KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 460KB - Virtual size: 905KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ