5d3eda9e79269fed3282b660c9ab03ec2f455baa4ca3eb18b15d48235576abee | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5d3eda9e79269fed3282b660c9ab03ec2f455baa4ca3eb18b15d48235576abee
Size

8.0MB
MD5

2a6d6488b2334f0e35e3857b769891c4
SHA1

e452819f1dd2b5cf1e2fcdb90548267f9ac1fb71
SHA256

5d3eda9e79269fed3282b660c9ab03ec2f455baa4ca3eb18b15d48235576abee
SHA512

a948d5e99d0789755fb33a578dd806cde11f4c06c821cd6d233acb00d37d15798dd0fe49e8b78b4bc2761206028d10deb8ec0952749720ad640304b07e2c8f42
SSDEEP

196608:VsssssssssssssssssssssssssssssssssssssssssssB:Vssssssssssssssssssssssssssssssu

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5d3eda9e79269fed3282b660c9ab03ec2f455baa4ca3eb18b15d48235576abee

Files

5d3eda9e79269fed3282b660c9ab03ec2f455baa4ca3eb18b15d48235576abee
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 80KB - Virtual size: 92KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 65KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX2
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE