5a701beca87743d31c6e9609014fd2709e67c7b5646af43f28ff2e94442bdd90 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5a701beca87743d31c6e9609014fd2709e67c7b5646af43f28ff2e94442bdd90
Size

104KB
MD5

5799f0f8b340fc1680f830781700e88a
SHA1

eb9cd73b4d469dab0229cc8f72ac8b9b152bf47e
SHA256

5a701beca87743d31c6e9609014fd2709e67c7b5646af43f28ff2e94442bdd90
SHA512

ab4e2cab34f10dfe20131f416d188ed67e0af3c13f6e54b4d1909131875b0713eab7585efc3be51457adf3cb474af1c899af8c6c2d0506877c103528f4346b5a
SSDEEP

1536:a7ZyqaFAxTWbJJB7LDKTW7JJB7LDB7ZyqaFAxTWbJJB7LDKTW7JJB7LDY:enay2tDptDrnay2tDptDY

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5a701beca87743d31c6e9609014fd2709e67c7b5646af43f28ff2e94442bdd90

Files

5a701beca87743d31c6e9609014fd2709e67c7b5646af43f28ff2e94442bdd90
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE