be72923596b2d2c2908b009220d2b47a95f6be25b02f32bf6d68242abfed2308 | Triage

Sharing

General

Target

be72923596b2d2c2908b009220d2b47a95f6be25b02f32bf6d68242abfed2308
Size

5.8MB
MD5

f136fc53d46ea10652338cd775a6aec4
SHA1

6fcae4f96547ad90fda0ae7079fe13431f698a1c
SHA256

be72923596b2d2c2908b009220d2b47a95f6be25b02f32bf6d68242abfed2308
SHA512

f0e49f9635965d4aad3cdcaf2b4128258fed783734e38fddee3f69b942de7c0598d463416bec54b85636d9b4d79f5343095cfe1baa0f54a670db3b7a4aa71fe1
SSDEEP

98304:4PmgEqB26SY/VA1aG2DloD/By8mcun6RdI9hxUrG+plBqI6b494wjq/VWON0pjES:4PSqB2s/VAkG2qFYcun/LiikBqQ9Tjcx

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
be72923596b2d2c2908b009220d2b47a95f6be25b02f32bf6d68242abfed2308
unpack001/out.upx

Files

be72923596b2d2c2908b009220d2b47a95f6be25b02f32bf6d68242abfed2308
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 4.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 668KB - Virtual size: 666KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8.8MB - Virtual size: 8.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 268KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ