5a5729d327323ddd5e3b1aae0e550f4cd078bbf03ee19084175e2d98e155a5f4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a5729d327323ddd5e3b1aae0e550f4cd078bbf03ee19084175e2d98e155a5f4
Size

34KB
MD5

a2df88558f6b448eed0f42623e5a2780
SHA1

827496400c519dbda7c6d4f73cec36c8a98e979a
SHA256

5a5729d327323ddd5e3b1aae0e550f4cd078bbf03ee19084175e2d98e155a5f4
SHA512

48c71cd840b1ff4ef7bf42e5a0d23321cf1f7be6a223adc945b1882d593e450d034f2c7aac2b1e8d9c0ea07c214d5b9e1fceb70c9e0c6278254d50c5c14df0ab
SSDEEP

768:tmjKBs5trtl7Yz0p9rBjjwe9JwlpNtS2Xi/6OFiQ6i:hMtsSJMpNtjg6wY

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

5a5729d327323ddd5e3b1aae0e550f4cd078bbf03ee19084175e2d98e155a5f4
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 29KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 4KB - Virtual size: 32KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE