aa4b856432d668ec579c5b66b9fdf1a7dbc5883937b31652dc10be8b3c9bb545 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

aa4b856432d668ec579c5b66b9fdf1a7dbc5883937b31652dc10be8b3c9bb545
Size

1.0MB
MD5

5b1545408aaa887ec34db6ae309d8f8a
SHA1

93b8ab2dda9e04d10ae6d432823ea494464fb712
SHA256

aa4b856432d668ec579c5b66b9fdf1a7dbc5883937b31652dc10be8b3c9bb545
SHA512

bb1349ceea3ba1bab5f0077db318ae05651e4c71a7fa0d07fdf70a1d3b2c3deaf6f44db6644372d01a808cac07802c4d4b332f20920147778c7d072808711dd8
SSDEEP

12288:mS8IUOrpNJXBG53uM0LXcCglIJbV6tQFeG:mS7UkprXIf4XZglSV6tQFeG

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa4b856432d668ec579c5b66b9fdf1a7dbc5883937b31652dc10be8b3c9bb545

Files

aa4b856432d668ec579c5b66b9fdf1a7dbc5883937b31652dc10be8b3c9bb545
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 588KB - Virtual size: 588KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 312KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 137KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

�iZ�u1
Size: - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE