a31dcb3e6bc0f6c6e9b557cbb2d0d01a227cae677302dda5f7be6a899d9ad1f8 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

a31dcb3e6bc0f6c6e9b557cbb2d0d01a227cae677302dda5f7be6a899d9ad1f8
Size

349KB
MD5

1c19b58e09a3cd92ba36942a6db4c9d0
SHA1

d56fe8c011a0933c5d4cc6a90de98a18046832bc
SHA256

a31dcb3e6bc0f6c6e9b557cbb2d0d01a227cae677302dda5f7be6a899d9ad1f8
SHA512

144437600974b5942847cbf81502d58847c6a656744fbe2a0946ed20a6b48d4433c0e11df546a64d296a609b1b0a87aebb5b5287b0981fc14c4704792f349428
SSDEEP

6144:1+nN0pEJitnhZA/8G6JDDYcXPlwpHejGudo87RkRpppppS4TXFuappphbx:InNeEJwnhmX2DDYklwZMaRpppppS4TXR

Score

8^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

AutoIT Executable 1 IoCs

AutoIT scripts compiled to PE executables.

resource	yara_rule
static1/unpack001/out.upx	autoit_exe

Files

a31dcb3e6bc0f6c6e9b557cbb2d0d01a227cae677302dda5f7be6a899d9ad1f8
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 476KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 222KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 126KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 408KB - Virtual size: 407KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ