ad8b521bbd27a70f11efe4ea52a87c8eb22bd3756ee59faf74748532db32b619 | Triage

Sharing

General

Target

ad8b521bbd27a70f11efe4ea52a87c8eb22bd3756ee59faf74748532db32b619
Size

147KB
MD5

033397b1f425a2365d968c7eee6dd20c
SHA1

bb2581ab17a217658ed962e9b264b4ae4c7e56f0
SHA256

ad8b521bbd27a70f11efe4ea52a87c8eb22bd3756ee59faf74748532db32b619
SHA512

5a23bbee2c616ec8f8c9a7d92435a915f5a8a1334418d949597932093cdc31376453d02823a6a9c48230edab90e7460ff66ee23f62ef6c78f54731af0139ff40
SSDEEP

3072:eI+53XAqf8nFyyDyZ9AaS0z3pX3ejsPY8kfGk4ic2e7e+xZwVC0aH3rsA:eh5XXf8F3D+Aah5eYPY8keO1+e+xZSC0

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

ad8b521bbd27a70f11efe4ea52a87c8eb22bd3756ee59faf74748532db32b619
.exe windows x86

09941b76de3e4b4a5d7ea667a491e737

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetCurrentDirectoryA

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA

shell32

ShellExecuteA

Sections

.text
Size: 1024B - Virtual size: 875B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

UPX0
Size: 144KB - Virtual size: 380KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE