542aab506740b55d248bf22dd378b990N | Triage

Sharing

General

Target

542aab506740b55d248bf22dd378b990N
Size

61KB
MD5

542aab506740b55d248bf22dd378b990
SHA1

aba777a1ef3771e14ab60c2d819e1fd3cc05b9de
SHA256

9028e96ab85acb7bb6ceb1df9e814f585616742026b780f70582a16d7d9438e0
SHA512

94997d780ccc026e816e1fc4a7e236768b58a0f4b8738f0c9e747a0883fd3c74fbfee6d36fc396f7141974ad4222bb7a63c60b46f4120c36c3e52af066732889
SSDEEP

768:r8eRH+MlFh0pDpuJ84WEi+U6sh7iQroCHmyf+RjFBSuB2Xpfs1VRx:r9l+W8xFt6sh7iQroCoRB0u0sH

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
542aab506740b55d248bf22dd378b990N

Files

542aab506740b55d248bf22dd378b990N
.exe windows:5 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 20KB - Virtual size: 32KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE