c5513671884fc3e02c5812b2a0b1645b8b664c9fb97ca332bedd18c051e591e0 | Triage

Sharing

General

Target

c5513671884fc3e02c5812b2a0b1645b8b664c9fb97ca332bedd18c051e591e0
Size

1.3MB
MD5

cef823eb157b4fa0e8524ed48307f345
SHA1

60d5405cbde42850c6d6f9fc5b7fe1773a720f28
SHA256

c5513671884fc3e02c5812b2a0b1645b8b664c9fb97ca332bedd18c051e591e0
SHA512

7b7afd582955f000d62b63f4159d68b7f9d45b8c685e3ad0992ae1eef638cc6e15636adf0dc9fbc6373fd3c58f44f46bf74dfb37a7bb9ec3eae6c74a21b53abc
SSDEEP

24576:Dqmi8tpifdQ8ABVABskA1rz4B8VzWhRTOdlmuC/uZ7R9Ti1wGJRQvZ:umi8bifd+VABnYra3nTOhlxUwGs

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

Processes:

resource
c5513671884fc3e02c5812b2a0b1645b8b664c9fb97ca332bedd18c051e591e0
unpack001/out.upx

Files

c5513671884fc3e02c5812b2a0b1645b8b664c9fb97ca332bedd18c051e591e0
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 644KB - Virtual size: 641KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 313KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ