5b75211b2295cfa49c8bf9cdf1c1918a7238a4b166b188244a5fcf7e550260e8N | Triage

Sharing

Copy URL Twitter E-mail

General

Target

5b75211b2295cfa49c8bf9cdf1c1918a7238a4b166b188244a5fcf7e550260e8N
Size

843KB
MD5

d5b5e6ad8207a7ca3e00181fb3be6af0
SHA1

db6efed6675addde3f3cfab5934d36a2ca297046
SHA256

5b75211b2295cfa49c8bf9cdf1c1918a7238a4b166b188244a5fcf7e550260e8
SHA512

a2f816be6f702da249dc94f7ca90dfdf93d00ec48623bf378b45f328eb23a8516aed2091f7c3412ef46d207cdd62519c9ee229ffe8e0c8d2db1eac5017a37064
SSDEEP

24576:v6Zv2ivhBVnFys7xP86LkRCQsa6YBUJ9ghPjaoZHNX:vE2ivhQs7dLkDsLvJ9uLaeF

Score

5^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b75211b2295cfa49c8bf9cdf1c1918a7238a4b166b188244a5fcf7e550260e8N

Files

5b75211b2295cfa49c8bf9cdf1c1918a7238a4b166b188244a5fcf7e550260e8N
.exe windows:1 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Sections

UPX0
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 43KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.imports
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE