5ae9c4368aab8e9312bbcab993e7c6e899b83ee61ce2d867e1d2158da6f8d6b5 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5ae9c4368aab8e9312bbcab993e7c6e899b83ee61ce2d867e1d2158da6f8d6b5
Size

560KB
MD5

20d4309515d8585d91419ecb11d52dd7
SHA1

ad18c126591ae0580abd7c88019558d30cf70e2c
SHA256

5ae9c4368aab8e9312bbcab993e7c6e899b83ee61ce2d867e1d2158da6f8d6b5
SHA512

b80a5bf87f049b63ae4f41144d01f3fe0ef70312cb13b353b22f4d2feec9f220b8169a66b6e9ffb159434d06ab61075a8ec98f379121e147548305c9a7cfeace
SSDEEP

6144:UhbZ5hMTNFf8LAurlEzAX7oEwfSZ4sXUzQI6FyKezcdwgu:KtXMzqrllX73wfEI6cF

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ae9c4368aab8e9312bbcab993e7c6e899b83ee61ce2d867e1d2158da6f8d6b5

Files

5ae9c4368aab8e9312bbcab993e7c6e899b83ee61ce2d867e1d2158da6f8d6b5
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 86KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE