ec5a8b4ee3c9b4b38e09a73921f29f2504f7165871a469a102ac69da59e027f9 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

ec5a8b4ee3c9b4b38e09a73921f29f2504f7165871a469a102ac69da59e027f9
Size

283KB
MD5

801a862c17b6bf787df2171ae9bceb47
SHA1

83416bc56032d566c99afe8f93f1c558bc6e372c
SHA256

ec5a8b4ee3c9b4b38e09a73921f29f2504f7165871a469a102ac69da59e027f9
SHA512

054e6911cb0cf6d27239074d2bd1bca9955dd41438dfed2cff2d172592b09bde549cada9f34656918f168c6cce1b394186649679198572a5bb094cf2bdd44210
SSDEEP

6144:KiQSoDuXuyQSoDuXuEH8iQSoDuXuyQSoDuXuEHG:VQtwQt4QtwQth

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec5a8b4ee3c9b4b38e09a73921f29f2504f7165871a469a102ac69da59e027f9

Files

ec5a8b4ee3c9b4b38e09a73921f29f2504f7165871a469a102ac69da59e027f9
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE