0a529cf0035c3e4d174545dbc4eaa697a64a2298acd902740c91ae26ecb63726 | Triage

Sharing

General

Target

0a529cf0035c3e4d174545dbc4eaa697a64a2298acd902740c91ae26ecb63726
Size

442KB
MD5

373c6219efb1bc65fd477fa1645ca12c
SHA1

aef11fedbb51cb4994c92c83e7bbe7d099fd2f6a
SHA256

0a529cf0035c3e4d174545dbc4eaa697a64a2298acd902740c91ae26ecb63726
SHA512

cf2f50e84b1f49e032d23027b2b4843bbc592843ef83a2bb0c376e5892d75a24ec8089d1f61a5458bd1ba0cf2782b6ac4557a427cd13e76e7c481b1a973c7346
SSDEEP

6144:OZmsQhU+bZVx5rLKJzu6gLP44Zw4DydqFncEOkCybEaQRXr9HNdvOaXqL:qUF30Ngj44e4DyyOkx2LIaXqL

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a529cf0035c3e4d174545dbc4eaa697a64a2298acd902740c91ae26ecb63726

Files

0a529cf0035c3e4d174545dbc4eaa697a64a2298acd902740c91ae26ecb63726
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 220KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE