b5020030960ca836811509ce31bbdf80 | Triage

Sharing

General

Target

b5020030960ca836811509ce31bbdf80
Size

322KB
MD5

b5020030960ca836811509ce31bbdf80
SHA1

aebaad878bb8c690e71c2b0a072857e1892b63ce
SHA256

24f8add62e6ff60d83ba16476489d358e8afcda95f20356e0fa425b796d71e05
SHA512

9fa82202e6ac22dd6d1c0cbc5d71477094245057d3886646061a5360b5ba3a3bc0adfe4fd1b18032596e64524656d4cad93fb2f0343241761500db0f0332c583
SSDEEP

6144:YhbZ5hMTNFf8LAurlEzAX7oEwfSZ4sXUzQI6FTUL:2tXMzqrllX73wfEI6C

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b5020030960ca836811509ce31bbdf80

Files

b5020030960ca836811509ce31bbdf80
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE