b00b99e43c91cdf89fada8dbaed187abdbc22675a3cfb07632f344e4c4df7291 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

b00b99e43c91cdf89fada8dbaed187abdbc22675a3cfb07632f344e4c4df7291
Size

4.3MB
MD5

de5d77ca9b45d1abd06f604b0e71fcf4
SHA1

5cd711e1a5ee8dd027511a430b3d894703dc4d66
SHA256

b00b99e43c91cdf89fada8dbaed187abdbc22675a3cfb07632f344e4c4df7291
SHA512

08d9ba5b324ceb91366d83b3b449671a7aff8094cd8ab1119a13781e88e4095174c086294a4c1d53dc87fd9a3713eda80ece9f741883e3914878ad65971181c9
SSDEEP

98304:kvo1jH15mpx2OoxC63KEYInhPe3/9zK7tL2+/LxYD/2hK:+EjH1Qpxn6aZmhPe3VW2+TxO/z

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
b00b99e43c91cdf89fada8dbaed187abdbc22675a3cfb07632f344e4c4df7291
unpack001/out.upx

Files

b00b99e43c91cdf89fada8dbaed187abdbc22675a3cfb07632f344e4c4df7291
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 712KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 499KB - Virtual size: 500KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 824KB - Virtual size: 822KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ