d56e3db75a5401ac8a058bc195a94c4af877ccb9bef2220d5e0cbfc1c55ae049 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

d56e3db75a5401ac8a058bc195a94c4af877ccb9bef2220d5e0cbfc1c55ae049
Size

2.5MB
MD5

ec97d2b817a10830783535cb2bfca3e7
SHA1

be4fb3c5274bea8bb79794d9e0dac601358886cc
SHA256

d56e3db75a5401ac8a058bc195a94c4af877ccb9bef2220d5e0cbfc1c55ae049
SHA512

d2c98ad84d0c55f619e8ea7ea0981f2a74d99b653f04a9ead25331623c3d294e4aecc1b3ba5362268d9d2aadcefeca47d2db8b07fd71747438b5e649008f252a
SSDEEP

24576:QornZ333hlf0vt9H7prDGDlGmlbTcHKU4IeRA7TFxR/LRReL:lt3ot9Y7lkH69ReTNHe

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d56e3db75a5401ac8a058bc195a94c4af877ccb9bef2220d5e0cbfc1c55ae049

Files

d56e3db75a5401ac8a058bc195a94c4af877ccb9bef2220d5e0cbfc1c55ae049
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

0
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE