5adffa60064fa8caf548d75f61201f076b2942ef7304974faa3f09efa587790f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5adffa60064fa8caf548d75f61201f076b2942ef7304974faa3f09efa587790f
Size

261KB
MD5

fea1f52563dfddc232acf4db2fc8e595
SHA1

ab11dd5da4b9c7059599ababc051c4b5bc73eb29
SHA256

5adffa60064fa8caf548d75f61201f076b2942ef7304974faa3f09efa587790f
SHA512

aa49cbeb06d48c62acc2f9b23a4a3519688fb9b713bc84fee2b08d350dbcc9c49a59ce5177bdbad015724ee5a9cbc71f5fea625ae0e291cc2a3162c0739457f9
SSDEEP

6144:RCqOMzjT14UVA0waALRWmN5yCd9dXd7F2f0zwVzAOGwckWSw:4qpvGUy/ai4mN5PF2EOJGn

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

5adffa60064fa8caf548d75f61201f076b2942ef7304974faa3f09efa587790f
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 660KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 382KB - Virtual size: 384KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE