b029c08789c6001aa1f9e870a06ef049433d0cc25becc1beb9f0d6302508b296 | Triage

Sharing

General

Target

b029c08789c6001aa1f9e870a06ef049433d0cc25becc1beb9f0d6302508b296
Size

1.3MB
MD5

0b037e3d12262a1638c1217fae8773a1
SHA1

e233cc1d6d71034f77d17d89658d2052b1038db5
SHA256

b029c08789c6001aa1f9e870a06ef049433d0cc25becc1beb9f0d6302508b296
SHA512

35a2381a73e56718ff6d55661708a0230a4de2c3770ff7b5825f22dfc1a757515a5555a14fce737d9806406df3833c7f415a15a30b3ff67fcc43f3239b408529
SSDEEP

24576:fzgTLkcevOAJHPSTacyR3uunznkX4C+YyRGG6yaHDMEw:fzgTOey7gX4KiSD0

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs
Detects executables packed with UPX/modified UPX open source packer.
upx

Processes:

resource yara_rule

sample upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

Processes:

resource
b029c08789c6001aa1f9e870a06ef049433d0cc25becc1beb9f0d6302508b296
unpack001/out.upx

Files

b029c08789c6001aa1f9e870a06ef049433d0cc25becc1beb9f0d6302508b296
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 608KB - Virtual size: 606KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ