4a0c4ea61b84ba3d395db5b3d05f57300fd7774638631c11318c6e5f2bc6e792 | Triage

Sharing

General

Target

4a0c4ea61b84ba3d395db5b3d05f57300fd7774638631c11318c6e5f2bc6e792
Size

129KB
MD5

175cb0a3c9066e11b208fca71bf74c8d
SHA1

9449b714269f7bc84dc5c3a676867e8278fde67d
SHA256

4a0c4ea61b84ba3d395db5b3d05f57300fd7774638631c11318c6e5f2bc6e792
SHA512

cce2931532705c62eb0a6e24530e43ebfa27a16f89c20fd121cb4fbac6d321e057173149209ba21782523076741c44c0f04a15b024cd52c0cbdf4e94db532ecd
SSDEEP

3072:mNVJoqk+6oSqdMKY4orvqsb1uyb1wAlFybGDbfATdzO0OW0prxw:mNf1Io5yQoTqsZuyZwkocfkzDOprxw

Score

7^/10

upx

Malware Config

Signatures

UPX packed file 1 IoCs

Detects executables packed with UPX/modified UPX open source packer.

resource	yara_rule
sample	upx

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
4a0c4ea61b84ba3d395db5b3d05f57300fd7774638631c11318c6e5f2bc6e792
unpack001/out.upx

Files

4a0c4ea61b84ba3d395db5b3d05f57300fd7774638631c11318c6e5f2bc6e792
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

UPX0
Size: - Virtual size: 112KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

UPX1
Size: 113KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
out.upx
.exe windows:4 windows x86 arch:x86

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Sections

.text
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 172KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ