2459ae21e5bb265a6ef19340b094abd1035449b91ac8be91e88233f3e7655511 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2459ae21e5bb265a6ef19340b094abd1035449b91ac8be91e88233f3e7655511
Size

180KB
MD5

0f17000910c38118428d83a966e7b421
SHA1

338226e9d07a2d40a96e1c914dd754500c040d9f
SHA256

2459ae21e5bb265a6ef19340b094abd1035449b91ac8be91e88233f3e7655511
SHA512

bda1849679acc2998afa678657a8727f881f0c9fe2fd283d8e781ef73e7a96b67b9edd0a2be0db0e046c2790fa40f5e72017cb20449a3170c72dc76c1e740eb5
SSDEEP

1536:k9D9AX56ntoD8NLR+gsgHb3haXf2FljvcsU9RL7liS4gZe+B5mk+LOxn5LUrQ7U1:k9D9FpFQCgsU9lySeg5mBixZJY09y

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2459ae21e5bb265a6ef19340b094abd1035449b91ac8be91e88233f3e7655511

Files

2459ae21e5bb265a6ef19340b094abd1035449b91ac8be91e88233f3e7655511
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 72KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE