f2ce8a48ad1b36de524865509ae194f113fa5d3658a9074390418ea9ac43a2d7 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f2ce8a48ad1b36de524865509ae194f113fa5d3658a9074390418ea9ac43a2d7
Size

644KB
MD5

deb2bb76512574611e7b73ebc4f90b09
SHA1

876d460cde699d1f439aff11a20c9d70efef364c
SHA256

f2ce8a48ad1b36de524865509ae194f113fa5d3658a9074390418ea9ac43a2d7
SHA512

a3e72a4d5a64915c284958cf7692d2115e96e35d2c6f7a008a5bca8a263de9cc7e7ec6dbc7ffebe563d7abade84f04952cbd6b17f16a882d8c3b30e3baf87895
SSDEEP

12288:0VR6MCHGcl++DzGqDl7qLjw8D3CdQpapYqeEQYX8pX+Hj5/ksvlWgfO:wR6Dl+CNl7kjN4Q7qtD3vf

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
f2ce8a48ad1b36de524865509ae194f113fa5d3658a9074390418ea9ac43a2d7
unpack001/out.upx

Files

f2ce8a48ad1b36de524865509ae194f113fa5d3658a9074390418ea9ac43a2d7
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.5MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 634KB - Virtual size: 636KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 712KB - Virtual size: 710KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 984KB - Virtual size: 980KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 448KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ