005c849c9bdc0bcd2fda78ce74dd07a1fdfa3429779ed336af4cdc4a0cb6c79f | Triage

Sharing

Copy URL Twitter E-mail

General

Target

005c849c9bdc0bcd2fda78ce74dd07a1fdfa3429779ed336af4cdc4a0cb6c79f
Size

111KB
MD5

741ef6a63c3f22667d5262d766a4fdc5
SHA1

5034fb9e760450ab79b23fd982fd2b7019073880
SHA256

005c849c9bdc0bcd2fda78ce74dd07a1fdfa3429779ed336af4cdc4a0cb6c79f
SHA512

ebe1938636cdec80b8c80210259c06585f72c167a4fb4e67610eec85a9cff6ef2382d68027c6f496644aba18dfe85160a5032b00e6122fa8b8fca0c6d676fe1e
SSDEEP

1536:V7Zf/FAxTW7Mi8IRc14ilag4rI2bIXuei8tIoS65PNi1LVL9r+qcNqNts5L3/rbG:fnyJwRrRtrXy7e

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
005c849c9bdc0bcd2fda78ce74dd07a1fdfa3429779ed336af4cdc4a0cb6c79f

Files

005c849c9bdc0bcd2fda78ce74dd07a1fdfa3429779ed336af4cdc4a0cb6c79f
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE