2688c9e36a14ee252af5b457506a197b81a85a89e4513e144ead786d50ad79a1 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

2688c9e36a14ee252af5b457506a197b81a85a89e4513e144ead786d50ad79a1
Size

3.2MB
MD5

2419ae2b130e44a2fc2e443dae9bad6c
SHA1

cfbf4953f7e538198fdf959a80fa1273c1b15e07
SHA256

2688c9e36a14ee252af5b457506a197b81a85a89e4513e144ead786d50ad79a1
SHA512

186b5177492e9f6c729f59f207ad50a3472edce332de3660ccfa43033d7662aeb194d501ba57133daf11ba5deaa33f40f88e21e878de9725ae09f961f78ef9f4
SSDEEP

98304:PM884cl9/Gp+vpQ45ikl4TPartCGvZ29FfRupRv4UhPrzcPU1:JUApMQ4ghToCQULpqGUke

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2688c9e36a14ee252af5b457506a197b81a85a89e4513e144ead786d50ad79a1
unpack001/out.upx

Files

2688c9e36a14ee252af5b457506a197b81a85a89e4513e144ead786d50ad79a1
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 2.8MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 2.9MB - Virtual size: 2.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 269KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3.4MB - Virtual size: 3.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 497KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ