05afb527ed3c221e29375b7639f22099 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

05afb527ed3c221e29375b7639f22099
Size

10KB
MD5

05afb527ed3c221e29375b7639f22099
SHA1

8bc3ba36b0038772286a103cb910e999ee1dc0db
SHA256

c2f9a25986cc849d769f36fee03c0bc93d9f954eeb90fce6a0d4f81f0b9b605a
SHA512

51554f7ea1c8ce0c10a319f2992c0c587d6f3e6c30dd502d3c3aa2cd6061d42013fef8c416fe71560bf514491288442d08680b21d7c7f0c39b745cb5b3a0a6a0
SSDEEP

192:v7FpG9U8Byb2lBlQ5Pt5YWqqFVIb0Y9Co4LekwahPFCbTEkMBR:z2u8BhM5P3bqqF9HoOVhPFCbT8r

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
05afb527ed3c221e29375b7639f22099
unpack001/out.upx

Files

05afb527ed3c221e29375b7639f22099
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe .vbs windows:4 windows x86 arch:x86 polyglot

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE