2d99499bd32277d990ab68b04f930123c4fe6c9e6c5ee619abec04b9de172d8b | Triage

Sharing

General

Target

2d99499bd32277d990ab68b04f930123c4fe6c9e6c5ee619abec04b9de172d8b
Size

390KB
MD5

63a364620dcd70ada03eee7f591de81e
SHA1

41ec7aeb7c7ac83a778a7b7b7163390a99599480
SHA256

2d99499bd32277d990ab68b04f930123c4fe6c9e6c5ee619abec04b9de172d8b
SHA512

a72739028cd68552bacbdca9c55c4f269206711becb875fba7beee6889123e4710ec4c44b81cf8df5378de587160f4d18de8b7a8dce910f718949ccdf76726ea
SSDEEP

12288:Kc6fcoxQNKJvMf4s1S9KMqXYxzk1BjYnsWQJ208:DoxQUJG4s18qIu958

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
2d99499bd32277d990ab68b04f930123c4fe6c9e6c5ee619abec04b9de172d8b
unpack001/out.upx

Files

2d99499bd32277d990ab68b04f930123c4fe6c9e6c5ee619abec04b9de172d8b
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 840KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 358KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 704KB - Virtual size: 701KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 329KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ