e79ded39321e5c9a63132e53a57f855a731ca19286c68f618a925c12f3dbbf85 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

e79ded39321e5c9a63132e53a57f855a731ca19286c68f618a925c12f3dbbf85
Size

82KB
MD5

f5fa50398d4ebff02f32adb3ec8db689
SHA1

be52f6abeb879a38a3f29a9c3cbaef389dd83ff9
SHA256

e79ded39321e5c9a63132e53a57f855a731ca19286c68f618a925c12f3dbbf85
SHA512

6dc3769090591be675224e41e6229f9e484e7646e51b2e2043111999585780381f6a3d8d49adc866917c2b19df76127224915473b1cff9ee5bb5f5ed89e9df56
SSDEEP

1536:w9nFZBFDRb5pj51vvGmheXU2jrrQUO4h9r7s/K1aPr5YwgxGMNweqGd5f75Z:6n1FDv13grQUO6d8K16qGMNweNd5f7r

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e79ded39321e5c9a63132e53a57f855a731ca19286c68f618a925c12f3dbbf85

Files

e79ded39321e5c9a63132e53a57f855a731ca19286c68f618a925c12f3dbbf85
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 176KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE