0578d89a8bb18d3810c5210c02078c1432336f876a1edf5a3f523327be10f4e4 | Triage

Sharing

General

Target

0578d89a8bb18d3810c5210c02078c1432336f876a1edf5a3f523327be10f4e4
Size

150KB
MD5

40bf7dff65af69a237c48ae40aff7f6a
SHA1

4d41fc5a1beb4431d53c9a0aa989bfae08e320c1
SHA256

0578d89a8bb18d3810c5210c02078c1432336f876a1edf5a3f523327be10f4e4
SHA512

c266b3f25347c89abf38a7441062fef437c28dd9939c457acde48cfed8cb96771198149fc2188e26994ed0837476c372a82956c61273d0f68ed175545b89be7f
SSDEEP

1536:V7Zf/FAxTWY1++PJHJXA/OsIZfzc3/Q8zxY5KwnTWn1++PJHJXA/OsIZfzc3/Q8s:fnyiQSox5KwjQSox5KwV

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0578d89a8bb18d3810c5210c02078c1432336f876a1edf5a3f523327be10f4e4

Files

0578d89a8bb18d3810c5210c02078c1432336f876a1edf5a3f523327be10f4e4
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE