f5a2971bc83d49535ea19febb3102405b2c7427f01808b182cf47f078006fbfa | Triage

Sharing

General

Target

f5a2971bc83d49535ea19febb3102405b2c7427f01808b182cf47f078006fbfa
Size

415KB
MD5

6e35a83c4c1b3f80e1c25525a958cc27
SHA1

448bd4ef999668c46ffd03a0b8d9d2143e61b44f
SHA256

f5a2971bc83d49535ea19febb3102405b2c7427f01808b182cf47f078006fbfa
SHA512

9156ebf49f168c6eac5176f7b2390d94fbc0b6ccdec4094884e24a9cf491efd41ec49a41fab7fa1d7f49c85761b589938fe62ef590438b0f2b9cee7143cc2493
SSDEEP

12288:EykpE/VCWyAqFhxILt+2tpPk7Ei7+r1434WwJ:mp0CWyAqykiDC4p

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

Processes:

resource
f5a2971bc83d49535ea19febb3102405b2c7427f01808b182cf47f078006fbfa
unpack001/out.upx

Files

f5a2971bc83d49535ea19febb3102405b2c7427f01808b182cf47f078006fbfa
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 972KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 388KB - Virtual size: 392KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 908KB - Virtual size: 905KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 96KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 315KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ