c3793f8f35bbdcfc0e2a445ab391daf8aed86502b516a736abb736bbc46f7733 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

c3793f8f35bbdcfc0e2a445ab391daf8aed86502b516a736abb736bbc46f7733
Size

545KB
MD5

ad25ffb53b47c6218bbc649db7f7c8b4
SHA1

cf84031108a55d7d37d2c77d567b369b8402c252
SHA256

c3793f8f35bbdcfc0e2a445ab391daf8aed86502b516a736abb736bbc46f7733
SHA512

8b995398a8bd6fa15b7c4b602d4f89a9f589eb0c8bb494826e73a5925234d9f3f274002a26a859ccac06d1fb5bb62dabcacae03de79c0710e311258299f92eb2
SSDEEP

12288:QefCQu2QZwZgDxV1jAf8HI1kfUzsRurSbgGbNGMPbnn9e+8pkNN:jKQ1Q+S1nAEHIKszJrUgMUMjn9ep

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
static1/unpack001/out.upx	autoit_exe

Files

c3793f8f35bbdcfc0e2a445ab391daf8aed86502b516a736abb736bbc46f7733
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 468KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 267KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 514KB - Virtual size: 513KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 26KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ