a53027a266e76bd000ef733497206ae87fb2c99349c83edaad1cc8bfd3e7dc1c | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a53027a266e76bd000ef733497206ae87fb2c99349c83edaad1cc8bfd3e7dc1c
Size

67KB
MD5

957145e1a8495b18bc5b5c37ee5c5818
SHA1

979fbee79a0fa7ce6266f387605bfaf499d19c81
SHA256

a53027a266e76bd000ef733497206ae87fb2c99349c83edaad1cc8bfd3e7dc1c
SHA512

6c5e75bdbad788ea981dc076a0547f853b1f97a5e38118cc63fd24239d428f1d2d8b355484a1fa9df71012d878d3341a6488779b250870734e9e21c720664e1e
SSDEEP

768:N+CLZoyIm5mn0000IFL8VlVJovlNHBvBPcFhl1WVe8gbxfxhM+g61VP:N51tI/nIFLcJonhpPcjiebbxphM+/9

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Files

a53027a266e76bd000ef733497206ae87fb2c99349c83edaad1cc8bfd3e7dc1c
.exe windows:5 windows x86 arch:x86

Code Sign

19:d5:90:f3:96:f5:8a:04:81:27:b4:eb:8b:e7:c8:5e:64:e7:45:42
Signer

Actual PE Digest

19:d5:90:f3:96:f5:8a:04:81:27:b4:eb:8b:e7:c8:5e:64:e7:45:42

Digest Algorithm

sha1

PE Digest Matches

false

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 14KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE