b8e5c9c62d5d3e1e47f88127ad1fdc54b98e8e05ed768622e58a51b61fe12945 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b8e5c9c62d5d3e1e47f88127ad1fdc54b98e8e05ed768622e58a51b61fe12945
Size

336KB
MD5

fb543a7ab8df3682d937df9472a795f7
SHA1

c1ed8ae29a2dfbccfc5a5ba601915cf35554443f
SHA256

b8e5c9c62d5d3e1e47f88127ad1fdc54b98e8e05ed768622e58a51b61fe12945
SHA512

d555b017c7df2c511a0e501d0a9bc3f9d4ec8191ae416cf8257c0c1f7fe89e40ab211319a7be371a11f8a9068b7ed3096bcdd69ef29b177156fadfa6f85557ed
SSDEEP

6144:khF4cO+wWJH7igNgjdFKsloS+RARoYlld9n2Qpmx:kMVzX5oStoYXC

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b8e5c9c62d5d3e1e47f88127ad1fdc54b98e8e05ed768622e58a51b61fe12945

Files

b8e5c9c62d5d3e1e47f88127ad1fdc54b98e8e05ed768622e58a51b61fe12945
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 138KB - Virtual size: 140KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE