5aa0d566951168243a5e0fca61cf9f9a230c91b0812f9a90a59c672366fe79fe | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5aa0d566951168243a5e0fca61cf9f9a230c91b0812f9a90a59c672366fe79fe
Size

1.0MB
MD5

40fbd40b22beff30b3d5874886b9718f
SHA1

676e9d60e8ea711fe129f85f37a12dffc56c9233
SHA256

5aa0d566951168243a5e0fca61cf9f9a230c91b0812f9a90a59c672366fe79fe
SHA512

895766b215e98442ce392ac13f85991ece678f720f8ae05ea8864325e6ab749c2983ad6133e77a99d0ddb9be3f17bf7d95b96b5907e1847577a44e6c69371ada
SSDEEP

6144:xZHcIX9SSgMW+IFZMbQrkodzb4XsIUYd:xdcIX0vFZJetd

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5aa0d566951168243a5e0fca61cf9f9a230c91b0812f9a90a59c672366fe79fe

Files

5aa0d566951168243a5e0fca61cf9f9a230c91b0812f9a90a59c672366fe79fe
.exe windows:6 windows x86 arch:x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_ISOLATION
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE