7d4bf03bb5e6c8ef2338d298c201660c63548d3d657c7bbe85c64038aab3578a | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7d4bf03bb5e6c8ef2338d298c201660c63548d3d657c7bbe85c64038aab3578a
Size

1.4MB
MD5

79c0fb75bf5fffb9cb8f81fc30613ef4
SHA1

9895da19aa264a40c0f96ee78dfc867b6b22f77e
SHA256

7d4bf03bb5e6c8ef2338d298c201660c63548d3d657c7bbe85c64038aab3578a
SHA512

78ce178ead2f82f3682f8fe37145631552eb451c8e5946beda03ae3cf0b1c145d6057d96ff68b062b0cd92352426daabcd651930c216d0562434acd19b325641
SSDEEP

24576:qbCVV6gpZ69wp2BCOFwhgPfF7WZq4Kuf5SkpRudNXk7qA8yvjtWYbaFDNBg:MCFOzCdhgHFqZq4KuxSpdNXgqjyLtWY+

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
7d4bf03bb5e6c8ef2338d298c201660c63548d3d657c7bbe85c64038aab3578a
unpack001/out.upx

Files

7d4bf03bb5e6c8ef2338d298c201660c63548d3d657c7bbe85c64038aab3578a
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 440KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.4MB - Virtual size: 1.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 620KB - Virtual size: 618KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 932KB - Virtual size: 931KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 259KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ