7384e6bd53b4bb619bb9704defb978b29beeffeac283f82d0604ee7e7ce6b0bb | Triage

Sharing

Copy URL Twitter E-mail

General

Target

7384e6bd53b4bb619bb9704defb978b29beeffeac283f82d0604ee7e7ce6b0bb
Size

923KB
MD5

592b3cb09b1a0b0b9ef12a899f865858
SHA1

bd5009a2791049c81373d7d79968e503e0b19391
SHA256

7384e6bd53b4bb619bb9704defb978b29beeffeac283f82d0604ee7e7ce6b0bb
SHA512

dc4593a0f5cfe41b728bf221fefa2ac6d11b3be1e4cee3ee889c2fcee57ae0554b836e1896f08cf389fa937392db49bbf5c9ad252581d3744bd874cd2149bde4
SSDEEP

24576:/te4A3+6oYEx4CRkIjnB/bnGof25XXjThl+/T6hBOxhZWPZi:/g7kSCRkKB/fKXfhl8eaW8

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
7384e6bd53b4bb619bb9704defb978b29beeffeac283f82d0604ee7e7ce6b0bb
unpack001/out.upx

Files

7384e6bd53b4bb619bb9704defb978b29beeffeac283f82d0604ee7e7ce6b0bb
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 2.0MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 914KB - Virtual size: 916KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 668KB - Virtual size: 665KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 271KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ