bca6a827536f191f0e37805746f01605 | Triage

Sharing

General

Target

bca6a827536f191f0e37805746f01605
Size

5.9MB
MD5

bca6a827536f191f0e37805746f01605
SHA1

c02186f3a7f5df742e4bf402bf29a833d6fcf354
SHA256

440a3bbe8f48309be6b611a91a0bea29838498b64f030149bc4acb9583c37be7
SHA512

d529dc24e050bb9330206699f4d1bb74e09f476d9075e2669c63e6a6680b64267325c1de8b87f2e40dc179f310d521414b3f019c4fab420bc1cade8de38c1d26
SSDEEP

98304:v5dvHV2bRgXVGDAclznDx0NkdsXNB12L79wp9npmMiK0L9jOlWXQTdNsu9jREW5D:RdvwbRglGzjDc8sbq6vmamwLPxj6W5D

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bca6a827536f191f0e37805746f01605

Files

bca6a827536f191f0e37805746f01605
.exe windows:8 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 548KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1010KB - Virtual size: 1012KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 7KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ