238ce9ce900f12bdc8e037a1ee008bbf75476839587ac282c53efa865243eab6 | Triage

Sharing

General

Target

238ce9ce900f12bdc8e037a1ee008bbf75476839587ac282c53efa865243eab6
Size

40.8MB
MD5

4c8a57dece40509a486b61e1d0ec2421
SHA1

43ef3dfd0434f6680a8b51fd6172ca4fe865dfaf
SHA256

238ce9ce900f12bdc8e037a1ee008bbf75476839587ac282c53efa865243eab6
SHA512

d564ecd6e0ade2f113bdff53a1abcabe5182b117c54079440c3b8a660da7842ee5ee862572b97a44251182fe3ae41986ab9efb94a255a0a0bdfa6f8fd844d379
SSDEEP

786432:QqVcWXywg7p1ez2kahdZY9jfI72wVPCVtRgeBq56x5l8cmO6/BTc:lfg7p1bnh/Y9jQKw56MGeXTc

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

Processes:

resource
238ce9ce900f12bdc8e037a1ee008bbf75476839587ac282c53efa865243eab6
unpack001/out.upx

Files

238ce9ce900f12bdc8e037a1ee008bbf75476839587ac282c53efa865243eab6
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 856KB - Virtual size: 856KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 480KB - Virtual size: 476KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 347KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ