7f4e765ed0b9e57bbcd10662ce49d55008772353e3d92bd8484a52d6ee7d7ab6 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7f4e765ed0b9e57bbcd10662ce49d55008772353e3d92bd8484a52d6ee7d7ab6
Size

759KB
MD5

f459eef2212c19080481e2eda8f2512e
SHA1

4342a9e6b0b74e3b5ab398fa373d99cf8e1667e8
SHA256

7f4e765ed0b9e57bbcd10662ce49d55008772353e3d92bd8484a52d6ee7d7ab6
SHA512

2cabd4fc858b772ca01c03f22849023f71747977a411ec1bbbbc9f0ab8313410ff5497a82f1900e944708ee9cbb377e72c4221099134eb644c70edde6149cd76
SSDEEP

12288:y7+njpma05aqc5OeXVfPWKGoDThX1K2NY0G3OxSliLWOx75PY9h0Aa+rCDd8/jAJ:yKma05aquOopGKF1KK23OxVLx7tYgkC9

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
7f4e765ed0b9e57bbcd10662ce49d55008772353e3d92bd8484a52d6ee7d7ab6
unpack001/out.upx

Files

7f4e765ed0b9e57bbcd10662ce49d55008772353e3d92bd8484a52d6ee7d7ab6
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 1.2MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 748KB - Virtual size: 748KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 928KB - Virtual size: 925KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 500KB - Virtual size: 498KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 470KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ