5d74e356b7ded433f5f29e3a9001af3078d6e3fa9adfa356959f7944066ea016 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d74e356b7ded433f5f29e3a9001af3078d6e3fa9adfa356959f7944066ea016
Size

134KB
MD5

3cfe151b961b3709a096b92739163d2e
SHA1

59ee4f4b8ff9a6efb9dd213a8839d30e23b18182
SHA256

5d74e356b7ded433f5f29e3a9001af3078d6e3fa9adfa356959f7944066ea016
SHA512

cdc8e5039caa645f425bda47f7d910245ac443916ec0aec4d9720ff76a148b8c0789f615f354473d34439f363ece57ba8bdbffef9067f3b3835eaa2767b606a5
SSDEEP

1536:rF0AJELopHG9aa+9qX3apJzAKWYr0v7ioy6paK2AZqMIK7aGZh38QK:riAyLN9aa+9U2rW1ip6pr2At7NZuQK

Score

10^/10

upx

Malware Config

Signatures

UPX dump on OEP (original entry point) 1 IoCs

resource	yara_rule
sample	UPX

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d74e356b7ded433f5f29e3a9001af3078d6e3fa9adfa356959f7944066ea016

Files

5d74e356b7ded433f5f29e3a9001af3078d6e3fa9adfa356959f7944066ea016
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 64KB - Virtual size: 80KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE