ac1b311087f1054e567c77b47e97446799099b176d9dbd40a5a3d3410496b676 | Triage

Sharing

General

Target

ac1b311087f1054e567c77b47e97446799099b176d9dbd40a5a3d3410496b676
Size

135KB
MD5

5ac985a7f0a68d51f259298e3d4222bd
SHA1

28b044ddd1a4136b4007246ce1ff3847e2ab0505
SHA256

ac1b311087f1054e567c77b47e97446799099b176d9dbd40a5a3d3410496b676
SHA512

0bf99a4e8e36757a183090e6fb5d82e395b77b272301d5b47b04781dfdf805c463f7ac118dfca19c0b4c61a5b0a5feb8e73459c3ae495d19d36772ab4e86be1c
SSDEEP

1536:YGYU/W2/HG6QMauSV3ixJHABLrmhH7i9eNOOg00GqMIK7aGZh3SO1:YfU/WF6QMauSuiWNi9eNOl0007NZIO1

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac1b311087f1054e567c77b47e97446799099b176d9dbd40a5a3d3410496b676

Files

ac1b311087f1054e567c77b47e97446799099b176d9dbd40a5a3d3410496b676
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 64KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE