5bdded7152bf33f552752194798fad9d | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5bdded7152bf33f552752194798fad9d
Size

15KB
MD5

5bdded7152bf33f552752194798fad9d
SHA1

10fc9312d98731d355c5a1c42ccadac4a560646b
SHA256

8b304f74d0b1e397880e488f0901b89e8a38ed1263eb6a0617399c0d0cd6da17
SHA512

4438cb9ef53eae8efdff2b95862c6c0210df6c1993c7848fd1ee43d292661022aaf22f2f19e0c64920acf0daed24cc1565821e1793cf843316b91548f56bf96b
SSDEEP

192:LEzv7rJXw/1CGz+/9jfqREIH9k/wls5Rf4WYcw5B/uT8Azi681ayiHTm3qpK84/C:Lun0xawlqNjw5k4AG6ga3H2vlSOu

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
5bdded7152bf33f552752194798fad9d
unpack001/out.upx

Files

5bdded7152bf33f552752194798fad9d
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ