f8ef24cd2d022b6e1d96d55f97c079f61cafdb6debb7ccc5c7b52b4ee57e3628 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

f8ef24cd2d022b6e1d96d55f97c079f61cafdb6debb7ccc5c7b52b4ee57e3628
Size

266KB
MD5

546d7f8bc82e5bfadbb8b56a3a856e23
SHA1

2038f7c0ff6a5d2daac3d7a1cfb2e355e6d46030
SHA256

f8ef24cd2d022b6e1d96d55f97c079f61cafdb6debb7ccc5c7b52b4ee57e3628
SHA512

47b6e2aa55e6f7ca8dcd1fbcee2cefe5363e6de509da0290ae1f1e7ff0ec8440aae646d7d3a9394251e04561f681abfab64093c2c55ee0a3467a38d1c6750301
SSDEEP

3072:oNXEGZJWhfNFC4S60+XoLczrVmX1BAA84ClgfZNL+C5LYZNO5McAx9L86NH01net:2XzKdNY49u8rVSElwMi5Mcw1V01net

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
f8ef24cd2d022b6e1d96d55f97c079f61cafdb6debb7ccc5c7b52b4ee57e3628
unpack001/out.upx

Files

f8ef24cd2d022b6e1d96d55f97c079f61cafdb6debb7ccc5c7b52b4ee57e3628
.exe windows:6 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 368KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 163KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 101KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:6 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 114KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 327KB - Virtual size: 326KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ