53ab4dc8d9f6d615917214b0d986115096e911c7da93d6dde1d26b63e68c38c0 | Triage

Sharing

General

Target

53ab4dc8d9f6d615917214b0d986115096e911c7da93d6dde1d26b63e68c38c0
Size

307KB
MD5

0d5bb88408dcbe17881d8ca63d61d014
SHA1

4ffa2198394897377f69282a0afc770085630826
SHA256

53ab4dc8d9f6d615917214b0d986115096e911c7da93d6dde1d26b63e68c38c0
SHA512

de078616bbbca3be1c6e07105b0faeed68835f2effd82c6a1de4fcc1be08b780a65dd6aadee5f842710020eb1c31b1c4214ab3c6737e74602fc15fa5d44d594d
SSDEEP

6144:j1db49+rEg024fpLZazEjvE/rbay19tSt4bO2BaDmeBJe/ZVJy2wvw8fWk:jjkArEN249AyE/rbaMct4bO2/vLj8J

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

53ab4dc8d9f6d615917214b0d986115096e911c7da93d6dde1d26b63e68c38c0
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 452KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 263KB - Virtual size: 264KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

qtdusdz
Size: - Virtual size: 4KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE