ef4d3aa53fcf54d5f6a764671d9e3d088011fb8923fc2f6adbb28e9937f62e53 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ef4d3aa53fcf54d5f6a764671d9e3d088011fb8923fc2f6adbb28e9937f62e53
Size

504KB
MD5

1a53833546dc95e0e1d01b8da5122b1f
SHA1

485d81672550b7f8f45aac2e06786e18b220202e
SHA256

ef4d3aa53fcf54d5f6a764671d9e3d088011fb8923fc2f6adbb28e9937f62e53
SHA512

efca3fd771c5fc6df95a37ece70b8d225bcfbf0bef17b42d4e1ca1c2bed0a4a2f8a682e2f12b297b022889361e8c7d648410340e59b0d32bfc7a59121902f842
SSDEEP

6144:YhbZ5hMTNFf8LAurlEzAX7oEwfSZ4sXUzQIRFyrja:2tXMzqrllX73wfEIR7

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef4d3aa53fcf54d5f6a764671d9e3d088011fb8923fc2f6adbb28e9937f62e53

Files

ef4d3aa53fcf54d5f6a764671d9e3d088011fb8923fc2f6adbb28e9937f62e53
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE