efb221b1568c24189ea2f12d4c5e169a4ece2a5ee3f3ec1fb4ca78f92ba812ff | Triage

Sharing

General

Target

efb221b1568c24189ea2f12d4c5e169a4ece2a5ee3f3ec1fb4ca78f92ba812ff
Size

588KB
MD5

bede545f1cd8385d74c45ad28d1a506e
SHA1

a3a17028a3bcdc005e3fab220d347f74b7fe9275
SHA256

efb221b1568c24189ea2f12d4c5e169a4ece2a5ee3f3ec1fb4ca78f92ba812ff
SHA512

3006ff9888ea11aa7c571a1c2af1a33f47035cc58a6797621de4b136d3ec4a45321413b9c2a43bd195a1634e992cdd728003046811227824820572eea2010159
SSDEEP

12288:V95pyYdTg1nMdGo1UWgZYdJOfSHqVeyQC4b3Mj70Mg4wAXvc:VjprAuMZYdDHqVevLYlgx2c

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
efb221b1568c24189ea2f12d4c5e169a4ece2a5ee3f3ec1fb4ca78f92ba812ff
unpack001/out.upx

Files

efb221b1568c24189ea2f12d4c5e169a4ece2a5ee3f3ec1fb4ca78f92ba812ff
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 148KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 63KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 67KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 66KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ