55f520a08d39b31fcb6a33ecc9fc58a4[.]exe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

55f520a08d39b31fcb6a33ecc9fc58a4.exe
Size

4.3MB
MD5

55f520a08d39b31fcb6a33ecc9fc58a4
SHA1

1331a1aaeee194126b3142558ea7511699ddf339
SHA256

c41b90a7cb696b4be6ef4dbeca736785468249eb226f1dd7e4ae397bf87dd5e8
SHA512

fd602223117d7a7005926694e58a7fdfccfe1e7d1589f99add3d151eab818e837ad87eb60e5fbcb926fd329de548e787410e28ea7fd5bb16fc870099e4a63f5d
SSDEEP

98304:mbK+yhQ0J5E1bzc+1p8e33V73XvENGBSiBXiHWbdj0/NYT:m2+yhnClwU3dvFsiBy2bdj0q

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

55f520a08d39b31fcb6a33ecc9fc58a4.exe
.exe windows x64

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: - Virtual size: 10.1MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4.3MB - Virtual size: 4.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE