6384b9b1d828ce0eee1a21b6e3392d4774bb49d5d4038ef4fcb17cdb73c6c532 | Triage

Sharing

Copy URL Twitter E-mail

General

Target

6384b9b1d828ce0eee1a21b6e3392d4774bb49d5d4038ef4fcb17cdb73c6c532
Size

289KB
MD5

ba4eb170c0df26253bf4b6dbea714cda
SHA1

d6448de84c1e456a77744d7c0642076a54c52bf9
SHA256

6384b9b1d828ce0eee1a21b6e3392d4774bb49d5d4038ef4fcb17cdb73c6c532
SHA512

b02951617123e9d3d1753943f6da52dbb73ebabe31894d85f6208dba1ea7dc168f0781d528760713f4bcf372bad6400aff8fbc36c9f1f9946790f80be8c6150b
SSDEEP

6144:IMyrMQrkptOcV1CYjRenIVq/VCCr1yMdgNZx+AKOY:IMyrM9ecHnFIIVqFJeZKO

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
6384b9b1d828ce0eee1a21b6e3392d4774bb49d5d4038ef4fcb17cdb73c6c532
unpack001/out.upx

Files

6384b9b1d828ce0eee1a21b6e3392d4774bb49d5d4038ef4fcb17cdb73c6c532
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 440KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 286KB - Virtual size: 288KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:5 windows x86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 508KB - Virtual size: 507KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ