fa5ac5fd3815d41005858013d22e98a86c7b7831e96c0f98b674d5e42c1fad30 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

fa5ac5fd3815d41005858013d22e98a86c7b7831e96c0f98b674d5e42c1fad30
Size

71KB
MD5

1e813f9d4a7ee47b998aa521f0da81f2
SHA1

15c83ef21dc1cc03ddddd7b6068c6d6cb32532b4
SHA256

fa5ac5fd3815d41005858013d22e98a86c7b7831e96c0f98b674d5e42c1fad30
SHA512

d244701f561d0493db55fd68f97e7218c63091199dfef85611290d22783397310d51173da0b5103ac11fe25496abb0b19315a93190a9fbf58399ff5d6cf3216a
SSDEEP

768:V7Blpf/FAK65euBT37CPKKQSjyJJ1EXBwzEXBwdcMcwBcCBcw/tio/tiQ/Gum/Gp:V7Zf/FAxTWoJJ7TTQoQC

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa5ac5fd3815d41005858013d22e98a86c7b7831e96c0f98b674d5e42c1fad30

Files

fa5ac5fd3815d41005858013d22e98a86c7b7831e96c0f98b674d5e42c1fad30
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE