a5fbbfc3f2d0884e224ab0cfa2db853eeb9e98a5c55f33ea52e846c089f27f0e | Triage

Sharing

General

Target

a5fbbfc3f2d0884e224ab0cfa2db853eeb9e98a5c55f33ea52e846c089f27f0e
Size

64KB
MD5

493a28e1bba3a5229610d7363579aed0
SHA1

5289ac11cceb02dc427c2c98fc33f9104b8d9491
SHA256

a5fbbfc3f2d0884e224ab0cfa2db853eeb9e98a5c55f33ea52e846c089f27f0e
SHA512

557358dd29c80060f9e66af849811c3f4276d3781dfd8cf08d160a23e4d1fd6d55951434d62dc91ddcbb8d984df73d003fec36864bb8db86f9c67fd082afad8e
SSDEEP

1536:i8dGUth5Oi+Z3jKoE3pQdxvDE9sWVKjgnVJEoa:iAtAnUpQrQ9BkOa

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

a5fbbfc3f2d0884e224ab0cfa2db853eeb9e98a5c55f33ea52e846c089f27f0e
.dll windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rmnet
Size: 56KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE