2c9b3812d538e2be4d0ad9fe35d1c151d97b06d1089f8fa6ae9873b25dae39ab | Triage

Sharing

General

Target

2c9b3812d538e2be4d0ad9fe35d1c151d97b06d1089f8fa6ae9873b25dae39ab
Size

280KB
MD5

7baeadc564bed8e78c2bdaa4238eebdc
SHA1

a1b76f005a4d789974ce997ed6f3c0990a86ff4d
SHA256

2c9b3812d538e2be4d0ad9fe35d1c151d97b06d1089f8fa6ae9873b25dae39ab
SHA512

8f85df10855baa02fc941a018760c60162b0d752543bea91b73579164bbaed2aa41e73d10517bc8df73e33d16995914bdc91b70a0d27d28e39d2c5866ab1159b
SSDEEP

6144:NXSQ8BCMis1TMrRQwy7eIeCDbFcEOkCybEaQRXr9HNdvOa:NXv8BCLocRZy7eIeyb1Okx2LIa

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2c9b3812d538e2be4d0ad9fe35d1c151d97b06d1089f8fa6ae9873b25dae39ab
unpack001/out.upx

Files

2c9b3812d538e2be4d0ad9fe35d1c151d97b06d1089f8fa6ae9873b25dae39ab
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 280KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 145KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 133KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 166KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 62KB - Virtual size: 62KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ