578b9c0789ddd6d6782d9de801fc6941 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

578b9c0789ddd6d6782d9de801fc6941
Size

139KB
MD5

578b9c0789ddd6d6782d9de801fc6941
SHA1

a810b513b70d3767102659260179ec6185968514
SHA256

8bf1cc01b9e411c8de91bb274d359e014295d605d30d964343456e8bee2a37ee
SHA512

c125cb0ecf472cdca23c61ed4f36ae77ea25b9401ff43eaeeea05b2bf0938dd7c0ae8208728bf036668d27a888d04fde56be40cc1cb3472c530cf4ddf2e219b2
SSDEEP

3072:/bjtonuzGZ5noa/mXjR+h/+DVNIo6fGPnOoS5FCNDJ:3tfzGZ5noaXh2IZu/OoS5FQ

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
578b9c0789ddd6d6782d9de801fc6941
unpack001/out.upx

Files

578b9c0789ddd6d6782d9de801fc6941
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 130KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ