9750a1728f72b8c170921d218ccf0881cb583524a60214a4d420487d85663275 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

9750a1728f72b8c170921d218ccf0881cb583524a60214a4d420487d85663275
Size

1.3MB
MD5

d0ab04bdd07e741478dcdb9e3bf04f02
SHA1

ae889f32bb3c0b9de1f9526b982be8b295573409
SHA256

9750a1728f72b8c170921d218ccf0881cb583524a60214a4d420487d85663275
SHA512

f1e3c897b6da2e588ca5a7d7fc2c1c72348073c3517efed6ad43404a08a6873cecac4702827642371153a057997c3dc666d87313a0e8e94efdb50bb13786bc69
SSDEEP

24576:3ta/XYCUYK4yD2+auirl9+pRD1KoYhksHvPhRpHTKHv9XQ:3cvY7H2+C9+vk1Hl2e

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
9750a1728f72b8c170921d218ccf0881cb583524a60214a4d420487d85663275
unpack001/out.upx

Files

9750a1728f72b8c170921d218ccf0881cb583524a60214a4d420487d85663275
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 5.3MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 2.2MB - Virtual size: 2.2MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.8MB - Virtual size: 3.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 124KB - Virtual size: 496KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ