5681eab6504820d1f3a78c0b2a89e79c744339598a18633f8e6e10b6fd86fbbd | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5681eab6504820d1f3a78c0b2a89e79c744339598a18633f8e6e10b6fd86fbbd
Size

53KB
MD5

bb3c54ae0256fa124d7a281c0c522d61
SHA1

62e55df645695f0c20bc8c41d7d7d4c0067a7bfc
SHA256

5681eab6504820d1f3a78c0b2a89e79c744339598a18633f8e6e10b6fd86fbbd
SHA512

d868857cfd5ba06626ba300320cba61facea673d05e59bcb90f2441e30d405b303b7ec3b0b1bd73e11286a604f3e4fa156a44949f8b8fd482e91297e7f84725c
SSDEEP

768:V7Blpf/FAK65euBT37CPKKQSjyJJcbQbf1Oti1JGBQOOiQJhATBOTQbzjrY/+TQh:V7Zf/FAxTWoJJZENTBWJx

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5681eab6504820d1f3a78c0b2a89e79c744339598a18633f8e6e10b6fd86fbbd

Files

5681eab6504820d1f3a78c0b2a89e79c744339598a18633f8e6e10b6fd86fbbd
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE