ecda091facfd36a55e7a39cf3b2e972e135ac9f7f0ef5b862b47f1c72528753b | Triage

Sharing

General

Target

ecda091facfd36a55e7a39cf3b2e972e135ac9f7f0ef5b862b47f1c72528753b
Size

231KB
MD5

875dd7b369d027c06aa23bec26a72ee2
SHA1

655f1db9e40e98547a3a3eb8873c2d47737dff05
SHA256

ecda091facfd36a55e7a39cf3b2e972e135ac9f7f0ef5b862b47f1c72528753b
SHA512

cb35f7b6695462a8122149605fba76e5bec04faa099c8701aab320e3910ad496d8ff11181d04be89e8a677e70d9c99c468b4db0f41a6cdf0db9948510fbf6ec9
SSDEEP

3072:G0PsymB6eYc7D6JzN11sH6MI44BCAiP1HI5QrercoKaM743GQQ0fP:BP+B6eYcyJRq6MIfC/8kJ91m

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ecda091facfd36a55e7a39cf3b2e972e135ac9f7f0ef5b862b47f1c72528753b

Files

ecda091facfd36a55e7a39cf3b2e972e135ac9f7f0ef5b862b47f1c72528753b
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_BYTES_REVERSED_HI

Sections

UPX0
Size: 68KB - Virtual size: 72KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE