5df397b30179f884b9db2975f6a018c3dfa974da0a04d6281532d5fc525dcab6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5df397b30179f884b9db2975f6a018c3dfa974da0a04d6281532d5fc525dcab6
Size

1.3MB
MD5

2097175408809d1b7537db5c371c1a51
SHA1

c4ba2fa1801ab37990cb2baf0234cae19900f605
SHA256

5df397b30179f884b9db2975f6a018c3dfa974da0a04d6281532d5fc525dcab6
SHA512

31c406983c4c9ed8bb4633bcacf5f2b19231b72d5085867d5ecaa717cd08a647c36a7a3b3cea898aa083939ec2454fc3c3a02e6d82652237ccd7d3a23ff1e81a
SSDEEP

24576:I0aCQJOgkLzMIwC8QKTS1LQlAn9L5jTkLgXbs4boglG49q8qL/JK:IAQJOA8DnFxXb95lG49mL/

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5df397b30179f884b9db2975f6a018c3dfa974da0a04d6281532d5fc525dcab6

Files

5df397b30179f884b9db2975f6a018c3dfa974da0a04d6281532d5fc525dcab6
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 972KB - Virtual size: 972KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 368KB - Virtual size: 368KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ssas23
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE