5fa2ffece8017bc23ddde4005a6a7ce4 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5fa2ffece8017bc23ddde4005a6a7ce4
Size

87KB
MD5

5fa2ffece8017bc23ddde4005a6a7ce4
SHA1

fdcefba8290e778ad20771b0d8b746dea9b94a6f
SHA256

6a315774c051bdff5c56b9750e0f3031c1020e2988bb1fec0614f2a1ba7c7fdf
SHA512

62650c42dd4844009241d2b1dffa830d9963513056f8879d0a83b8d2a8c488fa4ab4666f75659d23a16518c854a47c8def7b156165a913562da76ec59d2dbb72
SSDEEP

1536:D6a7pW4JRjRBJv4uc9CG6++hN9GKvPzvtneMjAZARJ2PbgNxrc6PTebbW6BCVWe8:L7YeRHJvpN++b9GK7lnZkZ+gP+rc6PT8

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
5fa2ffece8017bc23ddde4005a6a7ce4
unpack001/out.upx

Files

5fa2ffece8017bc23ddde4005a6a7ce4
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 85KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 164KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE