5bd307ed5594986f9e56f5d66949c800 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5bd307ed5594986f9e56f5d66949c800
Size

17KB
MD5

5bd307ed5594986f9e56f5d66949c800
SHA1

e233c2cc921eb51f22e6fe359bedf14896a901a4
SHA256

1c3296f213919627e9bf42669e97a1b602a9496cf2dadc32d3cf4174299d6154
SHA512

e83e590bd65c53a55e55aff7a027c3d6e0976f368a0733666ae3ded63e201553abf3884bfcd15a1feaededbb2ea5849283634e5ff6a4cf2354a09dbcc861286a
SSDEEP

192:kA53ryHuxjPfxUuCp1CqNSdpdRewrJGqtpclQad3V1ZyWYjCcJTEf++2+4O/EPEC:vLxUujdpdx0PQeYTOGi++REPNciq7i

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
5bd307ed5594986f9e56f5d66949c800
unpack001/out.upx

Files

5bd307ed5594986f9e56f5d66949c800
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 256KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.bss
Size: - Virtual size: 226KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ