51117f8d82e00097817de3b7a7502cb2 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

51117f8d82e00097817de3b7a7502cb2
Size

246KB
MD5

51117f8d82e00097817de3b7a7502cb2
SHA1

87f9eca9e29be991db7eaa4e88cfe0f33e64e912
SHA256

bda936c1684fbb49a609d5e376f1d2e9943035e940ec62d4ba814b2e050eceaf
SHA512

b5648b0735f385888978cf3e31a8faaf5238df3a7011d0229718e2433c0c7cec6ea3209a6f4807dd9466e1067ae3397058844ac949a759921fae67f44aabec00
SSDEEP

6144:wk327RL7ZIDsvNto7QeHorJFAzXG4hSrewzgOoSME0:wj7GQNtuZo1FQM6CoSME0

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

51117f8d82e00097817de3b7a7502cb2
.exe windows:6 windows x86 arch:x86

Code Sign

3d:54:c6:fb:0b:cc:5a:cb:8d:9b:67:e9:08:05:33:8d:e5:a1:21:01
Signer

Actual PE Digest

3d:54:c6:fb:0b:cc:5a:cb:8d:9b:67:e9:08:05:33:8d:e5:a1:21:01

Digest Algorithm

sha1

PE Digest Matches

true

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 212KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 239KB - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE